Topic: Show rules of system services ?
mmy
« on: Wednesday 10 June 2009, 12:47:09 am »

Hello,

What is "Show rules of system services"?
Firewall -> System access.
And how do I remove the "rules of system services"?
: )
Steve
« Reply #1 on: Wednesday 10 June 2009, 12:02:57 pm »

They are the rules for traffic accessing the Firewall itself.

The rules are actually located in other places.

Example:
Turn SIP Proxy On and you will see the following rule in the list:  XX <ANY> GREEN  RED UDP/5060 UDP/7070:7090
Then turn SIP proxy Off and the rule will not be in the list.

You cannot edit the rules in this window; they are listed there just for information.
If you want to get rid of these rules, you will have to remove the service that created the rule.


mmy
« Reply #2 on: Wednesday 10 June 2009, 03:06:10 pm »

Thanks,
But I have a problem, please look at the image:

Why do I have these rules when I don't have the services:
DNS, IPsec, NTop, Proxy.
Also, in Source address and Source interface I have <ANY>, but I need to limit access.
inteq
« Reply #3 on: Wednesday 10 June 2009, 11:52:10 pm »

Good question
I was thinking about this also
Any clue?
npeterson
« Reply #4 on: Thursday 11 June 2009, 12:35:43 am »

> Thanks,
> But I have a problem, please look at the image:
>
> Why do I have these rules when I don't have the services:
> DNS, IPsec, NTop, Proxy.
> Also, in Source address and Source interface I have <ANY>, but I need to limit access.

DNS - This is for the DNS proxy.
IPSEC - This is for firewall rules. This is critical, don't change it.
Ntop - This is your network monitoring on the interfaces. http://serverip:3001
Proxy - This is for Squid, DansGuardian, and ClamAV to proxy your web requests.

To edit these you will need to do it from the command line.
Steve
« Reply #5 on: Thursday 11 June 2009, 01:33:16 am »

These rules are created from either template files when a service is activated or by rules created by the user.
The template files and the rules themselves are in /etc/firewall and in particular /etc/firewall/inputfw in this case.

It's very important that these rules are not manually edited unless you have a very good understanding of how the firewall works, what services depend on others and what ports services listen on.

Just because a rule exists, doesn't mean there is a security problem.
For example, I don't have a blue or orange interface yet a rule exists for both.

If you're worried that there may be a security problem with your setup, run a test to see if the loophole actually exists.

                          
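One way to run the test suggested in Reply #5, as an added example that is not part of the thread and not Endian code: it reads rows in the shape of the one quoted in Reply #1 and checks which of the allowed TCP ports actually accept a connection. The column layout is an assumption inferred from that single row, and `parse_row`, `tcp_reachable`, `audit` and the address 192.0.2.1 are hypothetical names and placeholders.

```python
import re
import socket

ZONES = {"GREEN", "RED", "BLUE", "ORANGE"}   # zone names used in the thread
PORT_RE = re.compile(r"^(TCP|UDP)/(\d+)(?::(\d+))?$")

def parse_row(row):
    # Assumed layout (inferred from the one row quoted in the thread):
    # marker, source address, zone(s), then PROTO/port or PROTO/first:last.
    rule = {"source": None, "zones": [], "ports": []}
    for tok in row.split()[1:]:              # skip the leading marker ("XX")
        m = PORT_RE.match(tok)
        if m:
            first = int(m.group(2))
            last = int(m.group(3) or first)
            rule["ports"] += [(m.group(1), p) for p in range(first, last + 1)]
        elif tok in ZONES:
            rule["zones"].append(tok)
        elif rule["source"] is None:
            rule["source"] = tok
    return rule

def tcp_reachable(host, port, timeout=1.0):
    # True only if a full TCP handshake completes from the machine running this.
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit(rows, host, timeout=1.0):
    # Return (proto, port, status) for every port the listed rows allow.
    results = []
    for row in rows:
        for proto, port in parse_row(row)["ports"]:
            if proto == "TCP":
                status = "open" if tcp_reachable(host, port, timeout) else "unreachable"
            else:
                # No reply on UDP means either filtered or a service that ignored
                # the probe, so a connect test cannot decide; report it as untested.
                status = "untested"
            results.append((proto, port, status))
    return results

if __name__ == "__main__":
    # Row as quoted in the thread; 192.0.2.1 is a placeholder firewall address.
    for result in audit(["XX <ANY> GREEN  RED UDP/5060 UDP/7070:7090"], "192.0.2.1"):
        print(*result)
```

Run it from a host in the zone you want to check, since the result depends on where the connection originates.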
mmy
« Reply #6 on: Saturday 13 June 2009, 02:44:52 pm »

Hello and thanks.