reply to impala
Re: Westell 327W Firewall OK, now my inbound firewall rules look like:
title [ Security Level Custom (Low) IN rules ]
begin
# Drop and Log Packets with Time to Live (TTL) of 0 or 1
TTL
#drop match 3 8 { 01:FE } >> done, alert 4 [TTL of 0 or 1]
drop match 3 8 { 00:FF } >> done, alert 4 [TTL of 0]
drop match 3 8 { 01:FF } >> done, alert 4 [TTL of 1]
# Drop and Log Packets of Prohibited Source Address
Address
drop from addr 0.0.0.0 >> done, alert 4 [0.0.0.0 Source IP Address]
# Internet Control Message Protocol (ICMP)
# Pass Specific ICMP Types, Drop and Log all Unsolicited ICMP
ICMP
pass protocol icmp, icmp-type exceeded >> done # Type: 11 (allow TTL exceeded reply (trace route))
drop protocol icmp, icmp-type reply >> done, alert 3 [ICMP Message To WAN IP - Echo Reply - Dropped] # Type: 0 (block echo (ping) reply)
drop protocol icmp, icmp-type exceeded >> done, alert 3 [ICMP Message To WAN IP - TTL Exceeded - Dropped] # Type: 11 (block TTL exceeded reply (trace route))
drop protocol icmp, icmp-type unreachable >> done, alert 3 [ICMP Message To WAN IP - Dst Unreachable - Dropped] # Type: 3 (block unreachable reply)
drop protocol icmp, icmp-type request >> done, alert 3 [ICMP Message To WAN IP - Echo Request - Dropped] # Type: 8 (block echo (ping) requests)
drop protocol icmp >> done, alert 3 [ICMP Message To WAN IP - Dropped] # Type: (block all others)
#pass to port 20 >> state, done # FTP
#pass from port 20 >> state, done # FTP
#pass to port 21 >> state, done # FTP
#pass from port 21 >> state, done # FTP
# Permit All Inbound Packets That Are Not Explicitly Denied or That Have a Matching Session State Table Entry.
Permitted
pass all
end
I will try it and see what happens. Thanks. Shouldn't I delete the '#' pound sign at the beginning of each? Doesn't the # sign disable the line?
As to the other posts that are helping me with the Mac, my question was confusing. The firewall I am trying to configure is not the Mac firewall, but the firewall on the Westell 327W DSL Modem / Router. Thanks.