firewall design question

Discussion in 'other firewalls' started by easycock, Nov 16, 2005.

Thread Status:
Not open for further replies.
  1. easycock

    easycock Registered Member

    Joined:
    Nov 16, 2005
    Posts:
    1
    Hi,

    I am developing my own personal firewall as an interest, and I have some questions to ask:

    The firewall I developed is a very basic one with packet filtering with Stateful packet investigation support. The firewall will basically block everything except those approved by SPI.

    When I test it by surfing the web, it is OK when I open the Google main page, and it fails when I go to the Yahoo main page. I dumped out all the blocked packets and found that when I go to the Google page, there are no blocked packets, and for Yahoo, there are a number of TCP port 80 packets from various IP addresses. I believe these are advertisement sources that were not requested by me (so they are not kept in the SPI list). If I add a rule to receive TCP packets from port 80 from any source IP, then it is okay. So, my questions are:

    1. What is the right way to design a firewall? Am I missing anything?

    2. Should a firewall turn on port 80 for any IP? Is it safe to do so?

    3. For most of the firewalls out there, we basically just install and run them. Do they have a set of default filter rules pre-defined so that they will work properly? What are these default rules?

    thanks
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,091
    At codeproject.com, by running a search for "firewall" you can download a lot of useful articles about firewalls and source code - for a good learning experience - like how to implement a firewall-hook driver, or how to Develop firewalls for Windows 2000/XP, both by Jesús O..

    Not sure, but you may have to join - for free, and their advertised tools are $$$, however, there may also be some free tools.

    -- Tom
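
An added example (not code from either post) for question 2 in the first post: per-connection state tracking next to the blanket "allow source port 80" rule. The `StateTable` class, function names, addresses and traffic are constructed, and allowing all outbound packets is an assumed policy.

```python
from collections import namedtuple
# flags is a simplified TCP flag string: "S", "SA", "A" or "R"
Pkt = namedtuple("Pkt", "src sport dst dport flags outbound")

class StateTable:
    """Hypothetical SPI table: only replies to locally opened connections pass."""
    def __init__(self):
        self.conns = {}  # (local ip, local port, remote ip, remote port) -> state

    def allow(self, p):
        if p.outbound:
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":
                self.conns[key] = "SYN_SENT"   # every outbound SYN gets an entry
            elif "R" in p.flags:
                self.conns.pop(key, None)
            return True                        # assumed policy: outbound allowed
        key = (p.dst, p.dport, p.src, p.sport)
        state = self.conns.get(key)
        if state is None:
            return False                       # no entry: unsolicited, drop
        if "R" in p.flags:
            del self.conns[key]
        elif state == "SYN_SENT":
            if p.flags != "SA":
                return False                   # first reply must be SYN+ACK
            self.conns[key] = "ESTABLISHED"
        return True

def blanket_port80(p):
    """The rule from question 2: accept any inbound TCP packet with source port 80."""
    return p.outbound or p.sport == 80

ME = "192.0.2.10"
# Constructed traffic: two outbound web connections, then one unrequested packet.
TRAFFIC = [
    Pkt(ME, 50001, "198.51.100.5", 80, "S", True),
    Pkt("198.51.100.5", 80, ME, 50001, "SA", False),
    Pkt(ME, 50002, "203.0.113.7", 80, "S", True),    # second host, own entry
    Pkt("203.0.113.7", 80, ME, 50002, "SA", False),
    Pkt("203.0.113.99", 80, ME, 445, "S", False),    # nothing local asked for this
]

def verdicts(rule):
    return [rule(p) for p in TRAFFIC]

if __name__ == "__main__":
    print("stateful:", verdicts(StateTable().allow))
    print("blanket :", verdicts(blanket_port80))
```

Both rules pass the replies from the two web servers; only the state table drops the last packet, because the blanket rule trusts a source port that any remote sender can choose.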
     