[Firehol-support] servere's firewall
Grigory Fateyev
greg at anastasia.ru
Fri Apr 29 18:01:10 BST 2005
Hello!
I need to write very security firewall for hosting server. Write
frirehol.conf for it. What I must do for improving protection? Please,
give me advice.
Thanks!
########### firehol.conf
version 5
blacklist full 195.97.5.202
mac xx.xx.xx.0/24 my MAC-address
server_ips = "xxx.xxx.xxx.64/28"
trust_ips = "xx.xx.xx.0/24"
trust_dns = ""
interface eth0 internet src "${server_ips}"
protection strong 10/sec 10
server ident reject with tcp-reset
server dns accept
server ftp accept
server http accept
server https accept
server pop3 accept
server pop3s accept
server imap accept
server imaps accept
server ssh accept src "${trust_ips}"
# server icmp accept
client all accept
--
Всего наилучшего!
greg_[at]_anastasia_[dot]_ru Григорий.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20050429/4d72d207/attachment.sig>
More information about the Firehol-support
mailing list