diff options
Diffstat (limited to 'firewall.conf')
-rw-r--r-- | firewall.conf | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/firewall.conf b/firewall.conf deleted file mode 100644 index 78f873b..0000000 --- a/firewall.conf +++ /dev/null | |||
@@ -1,60 +0,0 @@ | |||
1 | EXTIF=eth1 # External interface | ||
2 | INTIF=eth0 # Internal interface | ||
3 | |||
4 | # Loop device/localhost | ||
5 | LPDIF=lo | ||
6 | LPDIP=127.0.0.1 | ||
7 | LPDMSK=255.0.0.0 | ||
8 | LPDNET="$LPDIP/$LPDMSK" | ||
9 | |||
10 | # Defining some common chat clients. Remove these from your accepted list for better security. | ||
11 | # ICQ and AOL are 5190 | ||
12 | # MSN is 1863 | ||
13 | # Y! is 5050 | ||
14 | # Jabber is 5222 | ||
15 | # Y! and Jabber ports not added by author and therefore left out of the script | ||
16 | IRC='ircd' | ||
17 | MSN=1863 | ||
18 | ICQ=5190 | ||
19 | YIM=5050 | ||
20 | AIM=5190 | ||
21 | NFS='sunrpc' | ||
22 | PORTAGE='rsync' | ||
23 | OpenPGP_HTTP_Keyserver=11371 | ||
24 | |||
25 | # All services ports are read from /etc/services | ||
26 | TCPSERV="domain ssh http https ftp ftp-data mail pop3 pop3s time $PORTAGE $YIM $AIM" | ||
27 | UDPSERV="domain time" | ||
28 | |||
29 | INPORTS="ssh http" | ||
30 | |||
31 | # COMmon ports: | ||
32 | # 0 is tcpmux; SGI had vulnerability, 1 is common attack | ||
33 | # 13 is daytime | ||
34 | # 98 is Linuxconf | ||
35 | # 111 is sunrpc (portmap) | ||
36 | # 137:139, 445 is Microsoft | ||
37 | # SNMP: 161,2 | ||
38 | # Squid flotilla: 3128, 8000, 8008, 8080 | ||
39 | # 1214 is Morpheus or KaZaA | ||
40 | # 2049 is NFS | ||
41 | # 3049 is very virulent Linux Trojan, mistakable for NFS | ||
42 | # Common attacks: 1999, 4329, 6346 | ||
43 | # Common Trojans 12345 65535 | ||
44 | COMBLOCK="0:1 13 98 111 113 137:139 161:162 445 1214 1999 2049 3049 4329 6346 3128 8000 8008 8080 12345 65535" | ||
45 | |||
46 | # TCP ports: | ||
47 | # 98 is Linuxconf | ||
48 | # 512-515 is rexec, rlogin, rsh, printer(lpd) | ||
49 | # [very serious vulnerabilities; attacks continue daily] | ||
50 | # 1080 is Socks proxy server | ||
51 | # 6000 is X (NOTE X over SSH is secure and runs on TCP 22) | ||
52 | # Block 6112 (Sun's/HP's CDE) | ||
53 | TCPBLOCK="$COMBLOCK 98 512:515 1080 3330 1128 3054 6000:6009 6112" | ||
54 | |||
55 | # UDP ports: | ||
56 | # 161:162 is SNMP | ||
57 | # 520 is RIP | ||
58 | # 9000 is Sangoma | ||
59 | # 517:518 are talk and ntalk (more annoying than anything) | ||
60 | UDPBLOCK="$COMBLOCK 161:162 520 123 517:518 1427 9000" \ No newline at end of file | ||