On 8/4/2014 2:54 PM, merc1...@f-m.fm wrote:
> On Mon, Aug 4, 2014, at 14:32, Tom Eastep wrote:
>> On 8/4/2014 12:31 PM, merc1...@f-m.fm wrote:
>>> On Mon, Aug 4, 2014, at 09:48, Tom Eastep wrote:
>>>> You can allow the connection in the NEW section but DROP the traffic in
>>>> the ESTABLISHED section. That way, the connection will be made and you
>>>> will be able to see it with netstat or ss, but no data will be sent.
>>>
>>> I'm one of those old-tyme Shorewall users (and in fact live in Shoreline
>>> as well),
>>
>> Hi neighbor :-)
>
> Howdy.
>
> Interesting how they're cutting down all our trees...
>
>
>>> so have never needed to mess with this new NEW, ESTABLISHED,
>>> etc stuff. Apparently it's to do with the rules file.
>>>
>>> I sure don't want to make a false move and allow this trojan to get out,
>>> so can you give me complete instructions?
>>
>> In the rules file:
>>
>> ?SECTION ESTABLISHED
>> DROP net fw tcp - 25
>> DROP fw net tcp 25
>> ?SECTION NEW
>> ACCEPT fw net tcp 25
>
> Ok I've set it this way and am monitoring 25 & 110.
> #SECTION ESTABLISHED
> DROP net $FW tcp - 25,110
> DROP $FW net tcp 25,110
> #SECTION NEW
> ACCEPT $FW net tcp 25,110
>
> These sections come after all my other rules. I infer that #SECTION
> ESTABLISHED and NEW just have to do with the order in which they appear,
> and are not specially-coded to be acted on in some way.

These come FIRST and you must code the section headers as I showed you!!!

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
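
An added example, not part of the thread and not Shorewall's own code: a small Python lint for the two mistakes corrected in the reply above, section headers written as `#SECTION` (which is only a comment) and section blocks placed after other rules. The section order is taken from shorewall-rules(5); the function name and the ssh rule in the samples are constructed for illustration.

```python
import re

# Section order from shorewall-rules(5); headers must appear in this order.
ORDER = ["ALL", "ESTABLISHED", "RELATED", "INVALID", "UNTRACKED", "NEW"]
HEADER = re.compile(r"^\??SECTION\s+(\w+)", re.I)
COMMENTED = re.compile(r"^#\s*\??SECTION\s+(\w+)", re.I)

def lint_rules(text):
    """Return [(line_no, message)] for section-header mistakes in a rules file."""
    findings, last, rules_before_header = [], -1, 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = COMMENTED.match(line)
        if m:  # '#' makes the header a comment, so no section switch happens
            findings.append((n, f"#SECTION {m.group(1).upper()} is a comment; write ?SECTION"))
            continue
        if not line or line.startswith("#"):
            continue
        m = HEADER.match(line)
        if m is None:
            # Count real rules (not ?COMMENT/?FORMAT style directives) seen before any header
            if last == -1 and not line.startswith("?"):
                rules_before_header += 1
            continue
        name = m.group(1).upper()
        if name not in ORDER:
            findings.append((n, f"unknown section {name}"))
            continue
        idx = ORDER.index(name)
        if last == -1 and rules_before_header and name != "NEW":
            findings.append((n, f"{rules_before_header} rule(s) precede ?SECTION {name}; sections come first"))
        elif idx <= last:
            findings.append((n, f"?SECTION {name} is out of order"))
        last = max(last, idx)
    return findings

# Constructed samples: the 25,110 rules are from the thread, the ssh rule is invented.
SSH = "ACCEPT net $FW tcp 22"
BODY = ["DROP net $FW tcp - 25,110", "DROP $FW net tcp 25,110"]
NEW = "ACCEPT $FW net tcp 25,110"
AS_POSTED = "\n".join([SSH, "#SECTION ESTABLISHED", *BODY, "#SECTION NEW", NEW])
HEADERS_LATE = "\n".join([SSH, "?SECTION ESTABLISHED", *BODY, "?SECTION NEW", NEW])
AS_ADVISED = "\n".join(["?SECTION ESTABLISHED", *BODY, "?SECTION NEW", NEW, SSH])

if __name__ == "__main__":
    for label, sample in [("as posted", AS_POSTED), ("headers late", HEADERS_LATE), ("as advised", AS_ADVISED)]:
        print(label, lint_rules(sample) or "clean")
```

With the headers commented out, every rule in the file is treated as a NEW-section rule, so the ESTABLISHED-section DROPs never take effect as intended; `shorewall check` remains the authoritative validation before a restart.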