Re: [Full-disclosure] RE: Example firewall script (iptables)

Valdis.Kletnieks_at_vt.edu
Date: 08/30/05

  • Next message: Morning Wood: "Re: [Full-disclosure] No one else seeing the new MS05-039 worm yet?" 
    To: Bernardo Martín <bmartin@desic-sl.com>
Date: Tue, 30 Aug 2005 10:01:59 -0400

    On Tue, 30 Aug 2005 08:41:20 BST, =?iso-8859-1?Q?Bernardo_Mart=EDn?= said:
    > In my first email i requested about bad example firewall script, in later
    > mail i said that this script was to learn more so the scene isn't important
    > because i'm loking for bad script in any scene

    The scenario is *very* important - the firewall rules that I have on my
    laptop are demonstrably correct *for this usage*. However, they are also
    *incorrect* for other laptops, even others running Fedora Core 4 - of some
    60 lines of rules, fully 3/4 of them are dealing with local oddities of
    our network and what I do (for instance, there's a ruleset that does nothing
    effective except make sure that iptables doesn't hit a '-j LOG' for a
    retransmitted FIN+ACK for a just-torn-down connection to our mail server
    that's no longer in the conntrack cache, so it doesn't show up in a feed
    to our DSHield server).

    And of course, it bears almost *no* relationship to what the firewall
    rules look like for our Oracle servers - running my firewall rules on
    the Oracle boxes would be a "bad script", as would running the Oracle
    rulesets on my laptop.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: Morning Wood: "Re: [Full-disclosure] No one else seeing the new MS05-039 worm yet?"

    Relevant Pages

    • Re: Lan to Wan reprise
      ... What did you use to create the firewall script? ... >for what I need and it does the script building for me. ... >can build the firewall rules with graphics objects it can convert it to ... >a usable script for setting the rules on the server for you. ...
      (Fedora)
    • Re: keeping connected with pppd and a firewall, how?
      ... then starts the firewall. ... > lose connection once or twice a day, then I run this script again. ... Is Jay's firewall a iptables front ... change IP's and the firewall rules do not need to be changed. ...
      (alt.os.linux)
    • Re: RFC: my firewall ruleset(s)
      ... IPFW numbers rules that increment by 1. ... > The reasoning behind this is so I have a single firewall script for all ... Depending on the rc.conf entries on that server, the firewall ...
      (freebsd-questions)
    • Re: Turing of SP2 Firewall via registry entry?
      ... Group Policy that disables the firewall (see WF_XPSP2.doc ... Disabling the Use of Windows Firewall Across Your Network ... you create a script file that is read by ...
      (microsoft.public.windowsxp.security_admin)
    • Re: MS Security CD, wsh topic buried, non automated post (promise)
      ... Their stuff is for server is seems. ... you most likely want to script your 'access'. ... the firewall still inserted stuff in about every ... > Saying that you network drives may cease working. ...
      (microsoft.public.scripting.wsh)