1 files changed, 0 insertions, 60 deletions
diff --git a/firewall.conf b/firewall.conf
deleted file mode 100644
index 78f873b..0000000
--- a/firewall.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-EXTIF=eth1 # External interface
-INTIF=eth0 # Internal interface
-# Loop device/localhost
-LPDIF=lo
-LPDIP=127.0.0.1
-LPDMSK=255.0.0.0
-LPDNET="$LPDIP/$LPDMSK"
-# Defining some common chat clients. Remove these from your accepted list for better security.
-# ICQ and AOL are 5190
-# MSN is 1863
-# Y! is 5050
-# Jabber is 5222
-# Y! and Jabber ports not added by author and therefore left out of the script
-IRC='ircd'
-MSN=1863
-ICQ=5190
-YIM=5050
-AIM=5190
-NFS='sunrpc'
-PORTAGE='rsync'
-OpenPGP_HTTP_Keyserver=11371
-# All services ports are read from /etc/services
-TCPSERV="domain ssh http https ftp ftp-data mail pop3 pop3s time $PORTAGE $YIM $AIM"
-UDPSERV="domain time"
-INPORTS="ssh http"
-# COMmon ports:
-# 0 is tcpmux; SGI had vulnerability, 1 is common attack
-# 13 is daytime
-# 98 is Linuxconf
-# 111 is sunrpc (portmap)
-# 137:139, 445 is Microsoft
-# SNMP: 161,2
-# Squid flotilla: 3128, 8000, 8008, 8080
-# 1214 is Morpheus or KaZaA
-# 2049 is NFS
-# 3049 is very virulent Linux Trojan, mistakable for NFS
-# Common attacks: 1999, 4329, 6346
-# Common Trojans 12345 65535
-COMBLOCK="0:1 13 98 111 113 137:139 161:162 445 1214 1999 2049 3049 4329 6346 3128 8000 8008 8080 12345 65535"
-# TCP ports:
-# 98 is Linuxconf
-# 512-515 is rexec, rlogin, rsh, printer(lpd)
-#   [very serious vulnerabilities; attacks continue daily]
-# 1080 is Socks proxy server
-# 6000 is X (NOTE X over SSH is secure and runs on TCP 22)
-# Block 6112 (Sun's/HP's CDE)
-TCPBLOCK="$COMBLOCK 98 512:515 1080 3330 1128 3054 6000:6009 6112"
-# UDP ports:
-# 161:162 is SNMP
-# 520 is RIP
-# 9000 is Sangoma
-# 517:518 are talk and ntalk (more annoying than anything)
-UDPBLOCK="$COMBLOCK 161:162 520 123 517:518 1427 9000"
-\ No newline at end of file

diff --git a/firewall.conf b/firewall.conf deleted file mode 100644 index 78f873b..0000000 --- a/firewall.conf +++ /dev/null
@@ -1,60 +0,0 @@
1	EXTIF=eth1 # External interface
2	INTIF=eth0 # Internal interface
3
4	# Loop device/localhost
5	LPDIF=lo
6	LPDIP=127.0.0.1
7	LPDMSK=255.0.0.0
8	LPDNET="$LPDIP/$LPDMSK"
9
10	# Defining some common chat clients. Remove these from your accepted list for better security.
11	# ICQ and AOL are 5190
12	# MSN is 1863
13	# Y! is 5050
14	# Jabber is 5222
15	# Y! and Jabber ports not added by author and therefore left out of the script
16	IRC='ircd'
17	MSN=1863
18	ICQ=5190
19	YIM=5050
20	AIM=5190
21	NFS='sunrpc'
22	PORTAGE='rsync'
23	OpenPGP_HTTP_Keyserver=11371
24
25	# All services ports are read from /etc/services
26	TCPSERV="domain ssh http https ftp ftp-data mail pop3 pop3s time $PORTAGE $YIM $AIM"
27	UDPSERV="domain time"
28
29	INPORTS="ssh http"
30
31	# COMmon ports:
32	# 0 is tcpmux; SGI had vulnerability, 1 is common attack
33	# 13 is daytime
34	# 98 is Linuxconf
35	# 111 is sunrpc (portmap)
36	# 137:139, 445 is Microsoft
37	# SNMP: 161,2
38	# Squid flotilla: 3128, 8000, 8008, 8080
39	# 1214 is Morpheus or KaZaA
40	# 2049 is NFS
41	# 3049 is very virulent Linux Trojan, mistakable for NFS
42	# Common attacks: 1999, 4329, 6346
43	# Common Trojans 12345 65535
44	COMBLOCK="0:1 13 98 111 113 137:139 161:162 445 1214 1999 2049 3049 4329 6346 3128 8000 8008 8080 12345 65535"
45
46	# TCP ports:
47	# 98 is Linuxconf
48	# 512-515 is rexec, rlogin, rsh, printer(lpd)
49	# [very serious vulnerabilities; attacks continue daily]
50	# 1080 is Socks proxy server
51	# 6000 is X (NOTE X over SSH is secure and runs on TCP 22)
52	# Block 6112 (Sun's/HP's CDE)
53	TCPBLOCK="$COMBLOCK 98 512:515 1080 3330 1128 3054 6000:6009 6112"
54
55	# UDP ports:
56	# 161:162 is SNMP
57	# 520 is RIP
58	# 9000 is Sangoma
59	# 517:518 are talk and ntalk (more annoying than anything)
60	UDPBLOCK="$COMBLOCK 161:162 520 123 517:518 1427 9000" \ No newline at end of file