[Gllug] IPcop Question
John Edwards
John.Edwards at cornerstonelinux.co.uk
Sat Mar 20 21:51:59 UTC 2004
On Sat, Mar 20, 2004 at 11:12:18AM +0000, Sean Burlington wrote:
<snip>
> on a related note ...
>
> I use smoothwall at work (installed it just before I found out about the
> ipcop fork)
>
>
> Until recently we had a policy of allowing all outbound traffic - but
> with the latest microsoft virus this has changed
>
> primarily with the need to block outgoing connections to port 81 and so
> preventing any inadvertently unprotected machines from downloading the
> virus payload.
>
> and I can't see any easy way to do this in either smoothwall or ipcop
>
> For now I have manually inserted rules into ipchains - but smoothwall
> being the obscure beast that it is I can't find a place to store this
> configuration !
>
> Does anyone know either how a good way to configure firewall rules in
> Smoothwall (beyond the supported web interface) ?
The Smoothwall people really do not like SysV init. Try having a look
in "/etc/rc.d/*", I think there is an "rc.local" file that is is called
last. Beware of it being overwritten by updates.
I can't be too sure as I've not used Smoothwall for two or three years.
> Failing that - is there a better free (libre) firewall that people would
> recommend.
I think IPCop has already been mentioned. Current version uses
iptables and a 2.4 kernel rather than ipchains.
Custom outgoing port blocking is something that both IPCop and
Smoothwall need. I think it may be introduced in the next version
of IPCop, but haven't had time to look at the beta versions.
--
#---------------------------------------------------------#
| John Edwards Email: John.Edwards at uk.com |
| |
| A. Because it breaks the logical sequence of discussion |
| Q. Why is top posting bad ? |
#---------------------------------------------------------#
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list