[wplug-bsd] exciting Saturday night: IPF
Brandon Kuczenski
brandon at 301south.net
Sun Aug 8 02:46:05 EDT 2004
I've been putting together my IPF rules and was wondering if someone here
could look over them briefly. I'm *pretty* sure I understand how IPF is
supposed to work, but I'm not *totally* sure.
The intention here is to masquerade (or NAT, whatever) my internal
network, allow incoming TCP SYN requests for certain services (ports 22,
80, 443) and allow TCP SYN requests for port 25 except those from problem
domains that were swamping me with spam. Plus I want to allow replies to
DNS lookups and NTPD synchronization. I think my comments are reasonably
good.
The files are available here:
http://301south.net/stuff/ipf.rules # for filtering
http://301south.net/stuff/ipnat.rules # for nat (obviously)
Thanks for any help; I'm particularly interested in the line where I block
TCP SYN requests emanating from inside the network on port 25 (if someone
has a Windows machine and ends up with a spammy virus, for example). It's
line 15 of ipf.rules.
Thanks in advance,
Brandon
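
For readers without access to the linked files, here is an added example of an ipf.rules layout for the policy described in the message. It is a constructed sketch, not Brandon's ruleset. The interface names (fxp0 external, fxp1 internal), the LAN range 192.168.1.0/24, the gateway address 192.168.1.1 and the blocked range 203.0.113.0/24 are all assumptions.

```conf
# Constructed example, not the poster's ipf.rules. Assumed: fxp0 = external,
# fxp1 = internal, 192.168.1.0/24 = LAN, 192.168.1.1 = gateway,
# 203.0.113.0/24 = placeholder for a blocked spam source.
# NAT lives in ipnat.rules, for example:
#   map fxp0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
#   map fxp0 192.168.1.0/24 -> 0/32

# Loopback is unrestricted.
pass in  quick on lo0 all
pass out quick on lo0 all

# Internal interface. LAN hosts may hand mail to the gateway's own MTA,
# but may not open SMTP connections to anything else (infected workstation).
# Mail sent by the gateway itself never arrives on fxp1, so it is unaffected.
pass  in     quick on fxp1 proto tcp from 192.168.1.0/24 to 192.168.1.1/32 port = 25 flags S keep state
block in log quick on fxp1 proto tcp from 192.168.1.0/24 to any port = 25 flags S
pass  in     quick on fxp1 all
pass  out    quick on fxp1 all

# External interface, outbound. "keep state" creates the state entry that
# lets the matching replies (DNS answers, NTP responses, TCP return traffic)
# back in without a separate inbound rule.
pass  out quick on fxp0 proto tcp  from any to any flags S keep state
pass  out quick on fxp0 proto udp  from any to any port = 53  keep state
pass  out quick on fxp0 proto udp  from any to any port = 123 keep state
pass  out quick on fxp0 proto icmp from any to any keep state
block out quick on fxp0 all

# External interface, inbound. With "quick" the first match wins, so the
# spam-source block has to come before the general port 25 pass rule.
block in log quick on fxp0 proto tcp from 203.0.113.0/24 to any port = 25 flags S
pass  in     quick on fxp0 proto tcp from any to any port = 22  flags S keep state
pass  in     quick on fxp0 proto tcp from any to any port = 25  flags S keep state
pass  in     quick on fxp0 proto tcp from any to any port = 80  flags S keep state
pass  in     quick on fxp0 proto tcp from any to any port = 443 flags S keep state

# Everything else arriving from outside is dropped and logged.
block in log quick on fxp0 all
```

The internal SMTP block is placed on fxp1 inbound so it matches the LAN source address before any address translation happens.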