EFW Support

Support => General Support => Topic started by: mmy on Wednesday 10 June 2009, 12:47:09 am



Title: Show rules of system services ?
Post by: mmy on Wednesday 10 June 2009, 12:47:09 am
Hello,

What is "Show rules of system services"?
Firewall -> System access.
And how do I remove "rules of system services"?
: )


Title: Re: Show rules of system services ?
Post by: Steve on Wednesday 10 June 2009, 12:02:57 pm
They are the rules for traffic accessing the Firewall itself.

The rules are actually located in other places.

Example:
Turn SIP Proxy On and you will see the following rule in the list:  XX <ANY> GREEN  RED UDP/5060 UDP/7070:7090
Then turn SIP proxy Off and the rule will not be in the list.

You cannot edit the rules in this window; they are listed there just for information.
If you want to get rid of these rules, you will have to remove the service that created the rule.




Title: Re: Show rules of system services ?
Post by: mmy on Wednesday 10 June 2009, 03:06:10 pm
Thanks,
But I have a problem, please look at the image:
(http://i44.tinypic.com/34rar6v.jpg)
Why do I have these rules but don't have the services:
DNS, IPSec, NTop, Proxy.
Also, in Source address and Source interface I have <ANY>, but I need to limit access.


Title: Re: Show rules of system services ?
Post by: inteq on Wednesday 10 June 2009, 11:52:10 pm
Good question
I was thinking about this also
Any clue?


Title: Re: Show rules of system services ?
Post by: npeterson on Thursday 11 June 2009, 12:35:43 am
Quote from mmy:
Thanks,
But I have a problem, please look at the image:
(http://i44.tinypic.com/34rar6v.jpg)
Why do I have these rules but don't have the services:
DNS, IPSec, NTop, Proxy.
Also, in Source address and Source interface I have <ANY>, but I need to limit access.

DNS - This is for the DNS proxy.
IPSEC - This is for firewall rules; this is critical, don't change it.
Ntop - This is your network monitoring on the interfaces. http://serverip:3001
Proxy - This is for squid, dansguardian, and clamav to proxy your web requests.

To edit these you will need to do it from the command line.


Title: Re: Show rules of system services ?
Post by: Steve on Thursday 11 June 2009, 01:33:16 am
These rules are created from either template files when a service is activated or by rules created by the user.
The template files and the rules themselves are in /etc/firewall and in particular /etc/firewall/inputfw in this case.

It's very important that these rules are not manually edited unless you have a very good understanding of how the firewall works, what services depend on others and what ports services listen on.

Just because a rule exists, doesn't mean there is a security problem.
For example, I don't have a blue or orange interface yet a rule exists for both.

If you're worried that there may be a security problem with your setup, run a test to see if the loophole actually exists.



Title: Re: Show rules of system services ?
Post by: mmy on Saturday 13 June 2009, 02:44:52 pm
Hello and thanks.