Ed

@adsl.xs4all.nl

Configuring firewall Efficient Network 5835 DMT Router

Hi,

We are using a Siemens Efficient Network 5835 DMT Router.

I want to configure the firewall to block incoming DNS traffic; all other traffic may go through because there is a Sonicwall firewall behind this router.

If there is another way to stop DNS relay on this router, that solution is welcome.

Traffic that needs to pass through is:
SMTP
HTTP
HTTPS
RDP
PPTP
NTP
TCP port 587

Will this script work?

# Firewall script - 2/28/2003
# For DSL router

#flush all existing filters
remote ipfilter flush input internet
remote ipfilter flush output internet
remote ipfilter flush transmit internet
remote ipfilter flush receive internet
eth ip filter flush input
eth ip filter flush output
eth ip filter flush transmit
eth ip filter flush receive

Firewall allow -a http -d both
Firewall allow -a dns -d out
Firewall allow -a https -d both
Firewall allow -a smtp -d both
Firewall allow -a pptp -d both
Firewall allow -a tcp -d both
Firewall allow -a rdp -d both
Firewall allow -a ntp -d both
Firewall allow -p tcp -dp 587 -d out
Firewall allow -p tcp -dp 587 -d in
Firewall allow -p tcp -sp 587 -d out
Firewall allow -p tcp -sp 587 -d in

#allow all icmp to and from the router
remote ipfilter insert input accept -p icmp internet
remote ipfilter insert output accept -p icmp internet

#drop all packets not allowed above
remote ipfilter append input drop internet
remote ipfilter append output drop internet

system deltelnetfilter LAN ??what is this command for??
system delhttpfilter LAN ??what is this command for??
system delsnmpfilter LAN ??what is this command for??
system delsyslogfilter LAN ??what is this command for??
system securemode set wan trusted ??what is this command for??

env set security min ??what is this command for??

Save


adsldude
Premium,Ex-Mod 2003-9
join:2000-11-10
Colorado
kudos:1

If DNS is all you want to impact then focus on just that.

firewall on
firewall deny -p udp -dp 53 -q -d both
save
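
A way to confirm from outside that the router no longer answers DNS after the rule above is saved, as an added example that is not part of the original thread. It goes beyond the UDP rule in the reply by also probing TCP port 53, which DNS uses as well. The address 192.0.2.1 is a placeholder for your own WAN IP, and the function names are illustrative; run it from a host on the Internet side of the router.

```python
import socket
import struct

def build_query(name="example.com", txid=0x1234):
    """Build a minimal DNS query: type A, class IN, recursion desired."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)

def is_dns_response(data, txid=0x1234):
    """True if data is a DNS message with our transaction ID and the QR bit set."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack(">HH", data[:4])
    return rid == txid and bool(flags & 0x8000)

def probe_udp(host, port=53, timeout=3.0):
    """Return 'answered', 'refused' (ICMP unreachable) or 'no-reply'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            s.send(build_query())
            return "answered" if is_dns_response(s.recv(512)) else "no-reply"
        except ConnectionRefusedError:
            return "refused"
        except OSError:  # includes timeout: packet dropped silently
            return "no-reply"

def probe_tcp(host, port=53, timeout=3.0):
    """Return 'answered', 'open' (connects, no DNS reply), 'refused' or 'no-reply'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            q = build_query()
            s.sendall(struct.pack(">H", len(q)) + q)  # TCP DNS has a length prefix
            data = s.recv(514)
            return "answered" if is_dns_response(data[2:]) else "open"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "no-reply"

if __name__ == "__main__":
    wan_ip = "192.0.2.1"  # placeholder: replace with the router's WAN address
    print("udp/53:", probe_udp(wan_ip))
    print("tcp/53:", probe_tcp(wan_ip))
```

A result of "answered" on either line means the router is still relaying DNS for outside hosts; "no-reply" or "refused" on both is the outcome the deny rule is meant to produce.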


over 12.5 years online © 1999-2012 dslreports.com.