gagman
November 3rd, 2006, 11:39 AM
Hello,
Still testing CF 0.95 ono WIN2K server... and another issue occurs.
I have a webserver running on my CF-protected machine (xitami, fine for test purpose).
I have only a rule in system part : block log from any to any
I have created a security profiule for xitami, where 2 rules :
block log from any to any (default one, cannot be removed)
pass log from any to any keep state
But this configuration doesn't work.
On activity monitor, I can see on xitami profile some entries, with xigui32 as application (xitami process).
But on system activity monitor, I have same entries (I guess at this point, all the logs are) plus other entries in inbound with remote port 80, with unknown as application. Those new entries are linked to my xitami connection, so I need to have my web server running to have a rule in xitami profile plus a rule in security profile.
Is it the normal way for CF to work ?
Still testing CF 0.95 ono WIN2K server... and another issue occurs.
I have a webserver running on my CF-protected machine (xitami, fine for test purpose).
I have only a rule in system part : block log from any to any
I have created a security profiule for xitami, where 2 rules :
block log from any to any (default one, cannot be removed)
pass log from any to any keep state
But this configuration doesn't work.
On activity monitor, I can see on xitami profile some entries, with xigui32 as application (xitami process).
But on system activity monitor, I have same entries (I guess at this point, all the logs are) plus other entries in inbound with remote port 80, with unknown as application. Those new entries are linked to my xitami connection, so I need to have my web server running to have a rule in xitami profile plus a rule in security profile.
Is it the normal way for CF to work ?