firewall problem

Mirko Manea (mami@juliet.sci.univr.it)
Thu, 24 Oct 1996 9:54:38 MET


Hi!

I have set up a firewall to enable or disable access to the Internet.
I work only on the output rules, but when I enable reject on some
ports, nobody can use them from the outside (i.e. if I reject port
23 only in output, nobody from the Internet can telnet to my machine).

I am using Slackware 3.1 with kernel 2.0.21 (2.0.23 does not run due
to the problem with AIC7xxx, that I have already seen reported to
the mailing list).

I am using ipfwadm 2.3.0 with the following rules:

/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
/sbin/ipfwadm -F -f
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -O -a reject -W ppp0 -P tcp -S 157.27.10.0/24 \
-D 0.0.0.0/0 21 23 \
70 80 194 1000:65535
/sbin/ipfwadm -O -a reject -W ppp0 -P tcp -S 157.27.10.0/24 \
-D 0.0.0.0/0 21 23 \
70 80 194 1000:65535

The input rules are:

arena:~$ /sbin/ipfwadm -I -l
IP firewall input rules, default policy: accept

Is it a kernel problem or am I missing something?

Thank you very much for any help,

mirko manea
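
Added example, not part of the original post: a small Python model of how the posted output rule is matched packet by packet, showing that replies from a local telnet server to a remote client's high port fall inside the 1000:65535 destination range. The host addresses, the accept default for the output chain, and the syn_only switch (modelling ipfwadm's -y option) are assumptions.

```python
import ipaddress

# Values copied from the posted -O rule.
SRC_NET = ipaddress.ip_network("157.27.10.0/24")
DST_PORTS = [(21, 21), (23, 23), (70, 70), (80, 80), (194, 194), (1000, 65535)]


def output_verdict(pkt, syn_only=False, policy="accept"):
    """Stateless match of one outgoing TCP packet against the posted rule.

    syn_only=True models adding ipfwadm's -y option (SYN set, ACK clear).
    policy is the output chain default, assumed here to be accept.
    """
    src_match = ipaddress.ip_address(pkt["src"]) in SRC_NET
    # The rule lists no source ports, so pkt["sport"] is never consulted.
    dport_match = any(lo <= pkt["dport"] <= hi for lo, hi in DST_PORTS)
    flag_match = (pkt["syn"] and not pkt["ack"]) if syn_only else True
    return "reject" if src_match and dport_match and flag_match else policy


# Constructed sample packets; 157.27.10.5 and 192.0.2.10 are made-up hosts.
LOCAL, REMOTE = "157.27.10.5", "192.0.2.10"
PACKETS = {
    "local client opens telnet to remote host":
        dict(src=LOCAL, sport=1030, dst=REMOTE, dport=23, syn=True, ack=False),
    "local telnetd answers remote client (SYN+ACK)":
        dict(src=LOCAL, sport=23, dst=REMOTE, dport=1045, syn=True, ack=True),
    "local telnetd sends data to remote client":
        dict(src=LOCAL, sport=23, dst=REMOTE, dport=1045, syn=False, ack=True),
}


def compare():
    """Verdict per packet: (rule as posted, same rule restricted to SYN)."""
    return {name: (output_verdict(p), output_verdict(p, syn_only=True))
            for name, p in PACKETS.items()}


if __name__ == "__main__":
    for name, (posted, with_y) in compare().items():
        print(f"{name:48s} posted={posted:7s} syn-only={with_y}")
```

In this model the rule as posted rejects all three packets, while the SYN-only variant still rejects the outgoing connection attempt but lets the server's replies through.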