[Firehol-support] IRC blocking
Christian - Salcam
christec at salcam.com.br
Mon Aug 2 15:01:59 BST 2004
Hi, Costa! Nice to meet you = )
This is my firehol.conf:
"
version 5
# Accept all client traffic on any interface
#interface any world
# client all accept
server_vpn_ports="tcp/1723"
client_vpn_ports="default 1723"
# Internal network IPs
internal_ips="1.0.0.0/8"
interface eth1 dhcp
    policy return
    server dhcp accept
interface eth1 internal src "${internal_ips}"
    policy reject
    # services coming in on the Linux box's internal NIC
    server "dns ftp http https ping" accept
    server "ssh webmin" accept
    server icmp accept
    server squid accept
    server aptproxy accept
    server daytime accept
    server finger accept
    server echo accept
    server msn accept
    server "smtp imap imaps pop3" accept
    server vpn accept
    # server irc drop
    client icmp accept
interface eth0 external src not "${internal_ips} ${UNROUTABLE_IPS}"
    protection strong 10/sec 10
    # services coming in on the Linux box's external NIC
    server "smtp imap imaps pop3" accept
    server "http https dns" accept
    server "ssh webmin" accept
    client all accept
# Routing internal to external interface
router internal2external inface eth1 outface eth0
    masquerade
    route all accept
# Routing external to internal interface
router external2internal inface external outface internal
    route ident reject with tcp-reset
"
Thanks for your attention,
Christian
--- in reply to----
Hi Christian,
What you describe cannot be happening. Something else is allowing the
traffic to pass. Could you please post your config file?
Costa
PS: When you have the "server irc accept" statement, if you change it to:
server irc accept log "IRC"
and then start an IRC conversation, does it log "IRC" packets in the
system log? It should if this statement matches the traffic.
> Hello, guys!
> First, thanks Costa for all your work.
>
> My Linux gateway has 2 NICs, external and internal, as usual.
>
> Second: I have an "easy problem" to solve, but it's not working. I
> want to stop IRC conversations, and to do so I'm using the following
> syntax on my internal NIC:
>
> server irc drop
>
> But from what I remember, I don't need to explicitly close any port,
> just not create an "accept rule", ok?
> Even after creating this "denying rule", IRC is still allowed. Could
> someone help me?
>
> Thanks for any help.
>
> Christian Prediger Appel
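
Added example, not part of the original thread: in FireHOL, `server` rules inside an `interface` block apply to traffic addressed to the firewall host itself, while connections from LAN clients to outside servers are forwarded and are matched by `router` blocks. This sketch walks a constructed skeleton of the posted config and reports the first rule that names a service in each block; `SAMPLE_CONF`, `parse_blocks` and `verdicts` are hypothetical names, and the first-match model is a simplification.

```python
import shlex

# Constructed sample: skeleton of the firehol.conf posted above, with the
# "server irc drop" line enabled as described in the original question.
SAMPLE_CONF = """
interface eth1 internal src "1.0.0.0/8"
    policy reject
    server "dns ftp http https ping" accept
    server irc drop
interface eth0 external
    client all accept
router internal2external inface eth1 outface eth0
    masquerade
    route all accept
"""

def parse_blocks(text):
    """Return [(kind, name, [(services, action), ...])] per interface/router block."""
    blocks = []
    for raw in text.splitlines():
        words = shlex.split(raw, comments=True)
        if not words:
            continue
        if words[0] in ("interface", "router"):
            # "interface <device> <name> ..." versus "router <name> ..."
            name = words[2] if words[0] == "interface" else words[1]
            blocks.append((words[0], name, []))
        elif words[0] in ("server", "route") and blocks and len(words) >= 3:
            blocks[-1][2].append((words[1].split(), words[2]))
    return blocks

def verdicts(text, service):
    """First server/route rule naming the service (or "all") in each block.

    Simplified model (assumption of this example): rules are matched in the
    order written, and policies and "client" rules are ignored.
    """
    result = {}
    for kind, name, rules in parse_blocks(text):
        hit = next((action for services, action in rules
                    if service in services or "all" in services), None)
        result[(kind, name)] = hit
    return result

if __name__ == "__main__":
    for (kind, name), action in verdicts(SAMPLE_CONF, "irc").items():
        scope = "forwarded traffic" if kind == "router" else "traffic to the firewall host"
        print(f"{kind} {name} ({scope}): irc -> {action}")
```

On the sample, the interface block yields `drop` for irc while the router block yields `accept` through `route all accept`; a `route irc reject` line placed before `route all accept` changes the forwarded verdict to `reject`.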