Re: Kerio [2.1.5] Error "Rule Set Full"
From: \ (dvader_at_deathstar.mil)
Date: 06/18/04
- Next message: SysAdm: "Re: The best firewall is?"
- Previous message: Lurker: "Re: Is it Still Possible To Get earlier Versions Of Zone Alarm?"
- In reply to: Alan Illeman: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Next in thread: BoB: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Reply: BoB: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jun 2004 19:47:32 -0400
>I don't have any rules that 'block all', and 20 rules in all - and
>Ive had no invasion for months. Just curious, how to you block
>all, by setting a port 'range' deny of 1-65535?
If you don't care about logging, you can just set the general security level to
"Deny Unknown." That will block anything that does not have an explicit rule
allowing it, but it won't log blocked requests. If you want to log blocked
requests, you will need one or more "Block All" rules, depending on how you want
to categorize the events. I have separate rules for in or out, TCP, UDP, ICMP,
but a single rule for any protocol, either direction will work just fine.
Here is a snapshot of my "Block All" rule for inbound TCP:
http://lists.gpick.com/crashsite/tips/blockall.png
Notice that the logging option is checked. That is really the only reason I have
the rule.
-- Dave "Crash" Dummy - A weapon of mass destruction crash@gpick.com?subject=Techtalk (Do not alter!) http://lists.gpick.com
- Next message: SysAdm: "Re: The best firewall is?"
- Previous message: Lurker: "Re: Is it Still Possible To Get earlier Versions Of Zone Alarm?"
- In reply to: Alan Illeman: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Next in thread: BoB: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Reply: BoB: "Re: Kerio [2.1.5] Error "Rule Set Full""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
