Re: ipf rules verification please

From: "Berk S. Daemon" <someone@somewhere.com>
Date: Mon, 29 Apr 2002 11:21:12 GMT

"Marc Lauzon" <hybrid999@hotmail.com> wrote in message
news:fb5ff1f4.0204281943.2a9cc0b3@posting.google.com...
> here are my ipf rules from ipf.conf
>
> please let me know if they are correct
>
> thanks
>
> ========================================================
>
> #block in on ppp0 all (removed to be able to reach the internet)
>
> #====blocking spoofing from non-routable addresses====
> block in quick on ppp0 from 192.168.0.0/16 to any
> block in quick on ppp0 from 172.16.0.0/12 to any
> block in quick on ppp0 from 10.0.0.0/8 to any
> block in quick on ppp0 from 127.0.0.0/8 to any
> block in quick on ppp0 from 0.0.0.0/8 to any
> block in quick on ppp0 from 169.254.0.0/16 to any
> block in quick on ppp0 from 192.0.2.0/24 to any
> block in quick on ppp0 from 204.152.64.0/23 to any
> block in quick on ppp0 from 224.0.0.0/3 to any
> block in quick on ppp0 from 20.20.20.0/24 to any
> block in quick on ppp0 from any to 20.20.20.0/32 #smurf attack
> block in quick on ppp0 from any to 20.20.20.255/32 #smurf attack
>
> #====let in http and ssh access for web service and remote access====
> pass in quick on ppp0 proto tcp from any to any port = 80
> pass in quick on ppp0 proto tcp from any to any port = 22
>
> #====allow everybody from the inside to request the internet and keep state====
> pass out quick on ppp0 proto tcp/udp from 192.168.0.0/32 to any keep state
> pass out quick on ppp0 proto icmp from 192.168.0.0/32 to any keep state
>
> #====let everything flow normally on the internal network====
> pass in quick on le1
> pass out quick on le1
>
> #====let everything flow normally on the loopback interface====
> pass in quick on lo0
> pass out quick on lo0

you should start it off with a default deny all stance too.
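To show why that matters, here is an added Python model of how IPFilter picks a verdict (last matching rule wins unless a matching rule says `quick`, and a packet matching no rule is passed); it is not code from either poster or from IPFilter itself. The rule strings are an inbound subset of the posted ruleset, and the packets are constructed samples.

```python
import re
from ipaddress import ip_address, ip_network

# Minimal model of IPFilter matching: rules are scanned in order, the LAST matching
# rule wins unless one marked "quick" matches (scan stops), and no match means pass.
# Added illustration only; not code from the thread or from IPFilter.
RULE = re.compile(
    r"(?P<action>block|pass) (?P<dir>in|out)(?P<quick> quick)? on (?P<iface>\S+)"
    r"(?: proto (?P<proto>\S+))?"
    r"(?: from (?P<src>\S+) to (?P<dst>\S+)(?: port = (?P<port>\d+))?| all)?"
)

def parse(text):
    rules = []
    for line in text.splitlines():
        line = line.split("#")[0].strip()  # drop comments and blank lines
        if line:
            m = RULE.match(line)
            if not m:
                raise ValueError(f"unsupported rule: {line}")
            rules.append(m.groupdict())
    return rules
def _addr_ok(spec, addr):
    return spec in (None, "any") or ip_address(addr) in ip_network(spec, strict=False)
def _matches(r, pkt):
    if r["dir"] != pkt["dir"] or r["iface"] != pkt["iface"]:
        return False
    if r["proto"] and pkt["proto"] not in r["proto"].split("/"):
        return False
    if not (_addr_ok(r["src"], pkt["src"]) and _addr_ok(r["dst"], pkt["dst"])):
        return False
    return r["port"] is None or int(r["port"]) == pkt.get("dport")
def verdict(rules, pkt):
    result = "pass"  # IPFilter's implicit default when no rule matches
    for r in rules:
        if _matches(r, pkt):
            result = r["action"]
            if r["quick"]:
                break
    return result

# Inbound part of the posted ruleset; HARDENED restores the commented-out default deny.
POSTED = """block in quick on ppp0 from 10.0.0.0/8 to any
pass in quick on ppp0 proto tcp from any to any port = 80
"""
HARDENED = "block in on ppp0 all\n" + POSTED

def check(ruleset, dport, src="203.0.113.9"):
    pkt = {"dir": "in", "iface": "ppp0", "proto": "tcp", "src": src,
           "dst": "20.20.20.1", "dport": dport}  # constructed sample packet
    return verdict(parse(ruleset), pkt)
```

With the posted rules, a connection to port 25 from the Internet is passed because nothing matches it; with the non-quick `block in on ppp0 all` at the top it is blocked, while the quick pass for port 80 still wins.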
