Re: help with IP filter rules
- From: Darren Dunham <ddunham@xxxxxxxxxxxxxxxx>
- Date: Mon, 27 Nov 2006 23:11:03 GMT
bill3 <giotsas@xxxxxxxxx> wrote:
Hello everyone.
I activated successfully IP filter in Solaris 10 with the following
rules:
block in all
pass in quick proto tcp from any to any port=22
pass in quick proto tcp from any to any port=25
pass in quick proto tcp from any to any port=80
pass in quick proto tcp from any to any port=587
Namely I want only the ssh, http and smtp services to be active. But
after activating the firewall I can't connect to the internet. When I
deactivate it there's no problem.
What's wrong with these rules? I thought they were correct :-(
Turn on logging for your block rule and see what's being blocked when
you connect.
Are any of those services going to be mad that they can't resolve
hostnames?
I don't see any 'out' rules. Is your default for out block or pass?
Since you're not doing keep state, it's going to have to evaluate every
packet. You probably want to keep state on initial connection and only
allow flags S on these protocols.
--
Darren Dunham ddunham@xxxxxxxx
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
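One way to rework the quoted ruleset along the lines of the reply above. This is an added example, not part of the original thread; the any/any addresses are kept from the post, and the outbound udp and icmp rules are assumptions added so that name resolution and error replies survive the default deny.

```conf
# Added example (not from the original thread): the posted rules reworked
# to log blocks, add 'out' rules and keep state, as the reply suggests.
# Addresses stay any/any as in the post; narrow them to the host's
# interface and address in a real deployment.

# Log what the default-deny rule drops so the blocked traffic can be read
# back with ipmon while a failing connection is attempted.
block in log all

# The original set has no 'out' rules at all. Pass outbound TCP connection
# setups and keep state so the replies come back in through the state
# table instead of hitting the block rule above.
pass out quick proto tcp from any to any flags S keep state

# Assumption: outbound DNS and ICMP. DNS replies are UDP; with no state
# entry for them they would be dropped by the default deny, which is one
# reason the services could fail to resolve hostnames.
pass out quick proto udp from any to any port = 53 keep state
pass out quick proto icmp from any to any keep state

# Inbound services: match only the initial SYN (flags S) and keep state,
# so the rest of each connection is handled by the state table rather
# than being evaluated packet by packet against the rule list.
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
pass in quick proto tcp from any to any port = 80 flags S keep state
pass in quick proto tcp from any to any port = 587 flags S keep state
```

Load the file with `ipf -n -f <rulesfile>` first to have the parser check it without installing anything, then without `-n` to activate it.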