Re: Kerio [2.1.5] Error "Rule Set Full"
From: \ (dvader_at_deathstar.mil)
Date: Thu, 17 Jun 2004 19:47:32 -0400
>I don't have any rules that 'block all', and 20 rules in all - and
>Ive had no invasion for months. Just curious, how to you block
>all, by setting a port 'range' deny of 1-65535?
If you don't care about logging, you can just set the general security level to
"Deny Unknown." That will block anything that does not have an explicit rule
allowing it, but it won't log blocked requests. If you want to log blocked
requests, you will need one or more "Block All" rules, depending on how you want
to categorize the events. I have separate rules for in or out, TCP, UDP, ICMP,
but a single rule for any protocol, either direction will work just fine.
Here is a snapshot of my "Block All" rule for inbound TCP:
Notice that the logging option is checked. That is really the only reason I have
-- Dave "Crash" Dummy - A weapon of mass destruction firstname.lastname@example.org?subject=Techtalk (Do not alter!) http://lists.gpick.com