Kurt Mahan wrote:
> I'm looking for some advice/suggestions/pointers.
> Currently I'm running m0n0wall 1.23 on a WRAP 3 port board. It works great!
> The DMZ is configured according to the faq article. All my external facing
> services live in there. No need to talk to the LAN.
> The default LAN setting is working but it allows everything to exit the
> firewall. Several articles I've read suggest restricting outgoing packets
> from the LAN to prevent viruses and such from contacting their mothership.
> My LAN has a mix of Linux and Windows boxen. Any suggestions/examples of
> LAN rulesets? Any popular ports used by viruses to close?
Change your 'default allow' rule to "Log packets handled by this rule.
Then make rules to allow the packets you use (and want to use) and put
them above your default allow rule. As you go, the logs for the default
rule will be less and less. When you think you have all you need, turn
it off, and you are secure. (Assuming you didn't add anything you