filseclab rules

Discussion in 'other firewalls' started by waters, Feb 25, 2006.

Thread Status:
Not open for further replies.
  1. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Trying this in place of sygate ,and so far really like it.
    I am not very good at rules.I have it set on general mode.
    When i go into rules and look at firefox etc,i see it has created rule to allow all directions.Do i need to allow in,or out,and if so which one is server and how do i deny server.
    With sygate i denyed server but is in or out server.Can someone please explain how
    Thanks
     
  2. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Also just tried shields up and failed on 8 ports.
     
  3. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Ok i changed evrything to out only in rules for applications,and i get stealth,is this ok
     
  4. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Been a while since I've had Filseclab installed, but if I recall, you should be able to achieve stealth with following:

    Create a rule:
    Application: (browse for your Firefox)
    Remote: Anynet
    Direction: In
    Time: Anytime
    Protocol: TCP
    Action: Deny
    This rule should be placed BEFORE your other browser app. rule which typically is: Anynet / All / Anytime / All / Pass.

    Cheers
     
  5. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    You can get a good general idea of firewall rules and the such by looking at BlitzenZeus's kerio 2.1.5 ruleset Here. This is where I learned a ton about firewalls, the internet, etc. I only barely tried Filseclab on an old box of mine, but I prefered Kerio 2.1.5, so sorry I can't help you there.

    Good luck,
    Alphalutra1
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    You should only need rules 'out' for most things. One exception might be p2p apps, they do need 'in' also generally speaking. But if you're just browsing with Firefox or any browser all you need is an 'out' rule. And if you now get stealth on grc.com then you're fine.
     
  7. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Thanks for the advice.
     
Thread Status:
Not open for further replies.