dslreports logo
site
spacer

spacer
 
    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»
spc

spacer




how-to block ads



This FAQ applies to using Sygate SPF 5.0 Pro but may be applicable to other firewalls that are rule based.

The user would have a need to do this if s/he was being particularly careful about the traffic that passes through the system's firewall while s/he was away from it. (Some users like to completely block all traffic on their networks while they sleep.)

First you need to be using a rules based firewall. (ZoneLabs free or licensed versions are not rules based to my knowledge.) Some rules based firewalls would include Kerio, Tiny & Sygate. I am using Sygate SPF 5.0 Pro but with a little modification you can take the following instructions and use them on your own rules based firewall.

Basically the user will create two rules. One will allow a specific block of IP addresses on a specific port/protocol and the other will block all traffic. Please note that some rules based firewalls read from top to bottom meaning that the rules are implemented in the order they were created.

    • - Create an advanced rule as you normally would. My first rule is called "F@H." I want to allow both incoming and outgoing traffic from a specific range of IPs on specific remote and local ports so I setup a rule with the following parameters.

    The IP range that F@H servers uses is 171.64.122.87-171.64.122.144 (Stanford's F@H Server Status Page)
    The protocol that F@H uses is TCP with a remote port of 80 and a local port of 8080. (Port 8080 is peculiar to the Proxomitron »www.proxomitron.org.)
    Specify both incoming and outgoing traffic directions.

    • - Create a second advanced rule to block all IPs on all ports/protocols for all applications. What is nice about Sygate is the user has the ability to enable scheduling which simply means that a specific timeframe can be configured during which time the firewall will block *all* traffic.


**Important: Make sure that you place the 1st allow rule on top and the second block all rule immediately below it.**

Expand got feedback?

by POB See Profile edited by sortofageek See Profile
last modified: 2007-03-23 13:10:59