Configuring firewall Efficient Network 5835 DMT Router in Efficient

Configuring firewall Efficient Network 5835 DMT Router in Efficient http://www.dslreports.com/forum/r22266585 en Sun, 06 Dec 2009 02:44:20 EDT Sun, 06 Dec 2009 02:44:20 EDT Re: Configuring firewall Efficient Network 5835 DMT Router http://www.dslreports.com/forum/remark,22267915 adsldude : If DNS is all you want to impact then focus on just that.

firewall on
firewall deny -p udp -dp 53 -q -d both
save]]> http://www.dslreports.com/forum/remark,22267915 Mon, 20 Apr 2009 17:28:01 EDT Configuring firewall Efficient Network 5835 DMT Router http://www.dslreports.com/forum/remark,22266585 anon : Hi,

We are using aSiemens Efficient Network 5835 DMT Router.

Ik want to configure the firewall to block incoming DNS traffic, all other traffic may go trough because there is a Sonicwall firewall behind this router.

If there is an other way to stop DNS relay on this router that solution is welcom.

Traffic that needs to pass through is:
SMTP
HTTP
HTTPS
RDP
PPTP
NTP
TCP port 587

Will this script work?

# Firewall script - 2/28/2003
# For DSL router

#flush all existing filters
remote ipfilter flush input internet
remote ipfilter flush output internet
remote ipfilter flush transmit internet
remote ipfilter flush receive internet
eth ip filter flush input
eth ip filter flush output
eth ip filter flush transmit
eth ip filter flush receive

Firewall allow –a http –d both
Firewall allow –a dns –d out
Firewall allow –a https –d both
Firewall allow –a smtp –d both
Firewall allow –a pptp –d both
Firewall allow –a tcp –d both
Firewall allow –a rdp –d both
Firewall allow –a ntp –d both
Firewall allow –p tcp –dp 587 –d out
Firewall allow –p tcp –dp 587 –d in
Firewall allow –p tcp –sp 587 –d out
Firewall allow –p tcp –sp 587 –d in

#allow all icmp to and from the router
remote ipfilter insert input accept -p icmp internet remote ipfilter insert output accept -p icmp internet

#drop all packets not allowed above
remote ipfilter append input drop internet remote ipfilter append output drop internet

system deltelnetfilter LAN ??what is this command for??
system delhttpfilter LAN ??what is this command for??
system delsnmpfilter LAN ??what is this command for??
system delsyslogfilter LAN ??what is this command for??
system securemode set wan trusted ??what is this command for??

env set security min ??what is this command for??

Save]]> http://www.dslreports.com/forum/remark,22266585 Mon, 20 Apr 2009 13:47:08 EDT