 From:  sai <sonicsai at gmail dot com>
 To:  "XXX xxx xxx XXX xxx" <secure dot boy at hotmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Please send me firewall rules most used
 Date:  Thu, 26 Apr 2007 10:55:55 +0500
On 4/14/07, XXX xxx xxx XXX xxx <secure dot boy at hotmail dot com> wrote:
> I'm new with m0n0
> please send me most used rules
> With respect Dejan
>
>

This is an example for a simple small company network. As others have
pointed out you should block everything and then only allow a few
ports to be opened. Which ports should be opened all depends on your
policy.

LAN:
PASS   *           *  *  80   // allow http to all, you might add a rule for https
PASS   mailserver  *  *  25   // allow smtp to the mailserver
PASS   mailserver  *  *  110  // allow the mailserver to pop from the outside

Set your PCs to use the firewall for DNS.

Everything else is blocked. FTP, ssh... might be needed by some and
you might add rules for their IP address to be allowed.

sai
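
The LAN rule set from the message above, run through a small first-match evaluator with an implicit default deny. This is an added example, not part of the original post and not m0n0wall code. The column order (source, source port, destination, destination port), the mailserver address and the sample flows are assumptions constructed for illustration.

```python
from ipaddress import ip_address

# Constructed alias table: the post only says "mailserver", the address is assumed.
ALIASES = {"mailserver": "192.168.1.10"}

# Rules as posted, with the assumed column order: action src sport dst dport.
RULES_TEXT = """
PASS * * * 80          // allow http to all
PASS mailserver * * 25 // smtp from the mailserver
PASS mailserver * * 110 // pop3 from the mailserver
"""

def parse_rules(text):
    """Parse 'ACTION src sport dst dport' lines, ignoring '//' comments and blanks."""
    rules = []
    for line in text.splitlines():
        fields = line.split("//")[0].split()
        if not fields:
            continue
        if len(fields) != 5:
            raise ValueError(f"malformed rule: {line!r}")
        rules.append(tuple(fields))
    return rules

def host_matches(pattern, addr):
    """'*' matches any host; otherwise resolve an alias and compare addresses."""
    if pattern == "*":
        return True
    return ip_address(ALIASES.get(pattern, pattern)) == ip_address(addr)

def port_matches(pattern, port):
    return pattern == "*" or int(pattern) == port

def evaluate(rules, src, sport, dst, dport):
    """First matching rule wins; a flow matching no rule is blocked."""
    for action, r_src, r_sport, r_dst, r_dport in rules:
        if (host_matches(r_src, src) and port_matches(r_sport, sport)
                and host_matches(r_dst, dst) and port_matches(r_dport, dport)):
            return action
    return "BLOCK"

RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    pc, mail, outside = "192.168.1.50", "192.168.1.10", "203.0.113.5"  # constructed
    for src, dport in [(pc, 80), (pc, 443), (pc, 25), (mail, 25), (pc, 22)]:
        print(src, "->", outside, dport, evaluate(RULES, src, 40000, outside, dport))
```

With only these three rules, HTTPS and SMTP from an ordinary PC fall through to the default block, while the same SMTP flow from the mailserver passes.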