[Firehol-support] IRC blocking

Christian - Salcam christec at salcam.com.br
Mon Aug 2 15:01:59 BST 2004

    Hi, Costa! Nice to meet you  = )
    This is my firehol.conf:

version 5

# Accept all client traffic on any interface
#interface any world
#       client all accept

        client_vpn_ports="default 1723"

        #Ips internos da rede

        interface eth1 dhcp
                policy return
                server dhcp accept

        interface eth1 internal src "${internal_ips}"
                policy reject

                #servicos entrando na placa interna do linux

                server "dns ftp http https ping" accept
                server "ssh webmin"     accept
                server icmp     accept
                server squid    accept
                server aptproxy accept
                server daytime  accept
                server finger   accept
                server echo     accept
                server msn      accept
                server "smtp imap imaps pop3"   accept
                server vpn      accept
        #       server irc      drop

                client icmp     accept

interface eth0 external src not "${internal_ips} ${UNROUTABLE_IPS}"
                protection strong 10/sec 10
                #servicos entrando na placa externa do linux

                server "smtp imap imaps pop3"   accept
                server "http https dns"         accept
                server "ssh webmin"             accept

                client  all     accept

                #Routing internal to external interface
        router internal2external inface eth1 outface eth0
                route all accept

                #Routing external to internal interface
        router external2internal inface external outface internal
                route ident reject with tcp-reset


    Thanks for your attention,

--- in reply to----

Hi Christian,

What you describe cannot be happening. Something else is allowing the
traffic to pass. Could you please post your config file?


PS: When you have the "server irc accept" statement, if you change it to:

server irc accept log "IRC"

and then start an IRC conversation, does it log "IRC" packets in the
system log? It should if this statement matches the traffic.

>     Hello, guys!
>     First, thanks Costa for all your work.
>     My Linux gateway have 2 NIC, external and internal, as usual.
>     Second: I have an "easy problem" to solve, but it's not working. I
> want to stop irc conversation, and for so I'm using the following
> syntax in my internal NIC:
>     server irc    drop
>     But for what I do remember, I don't need to explicitly close any port,
> just don't create a "accept rule", ok?
>     Even creating this "denying rule", irc is still allowed. Someone could
> help me?
>     Thanks for any help.
>     Christian Prediger Appel

This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
Firehol-support mailing list
Firehol-support at lists.sourceforge.net

More information about the Firehol-support mailing list