Firewall rules for Jetico: can I borrow from KPF ?

I have started using Jetico. It has a fair amount of pop-ups and i think that my standard responses are going to make a pretty huge rule table.

Does it work to just look at the Blitzen (or something like that) rule set for the Kerio firewall and basically plagiarize as hard as I possibly can? I would like to have a comprehensive, concise set of rules like the Kerio people have.

Do you know of a Jetico ruleset / and where can I find those Kerio rules? I think that I have the name wrong, Blitzen ?

B.

 

BZ's rule sets for Kerio 2.1.5 can be found here:

http://www.dslreports.com/forum/remark,8023708

I don't know of any Jetico rule sets you can download. The default rules are pretty good out of the box. As with any firewall, they will take some tweaking and adjustment to fit your setup.

One good idea might be to install Kerio 2.1.5 with BZ's rules and work thru that until you feel you know what you're doing. Then remove Kerio and install Jetico and see if you can duplicate the same Kerio basics in Jetico. Setting up Kerio with BZ's rules will give you a good education that you can then use in setting up Jetico.

 

Brjoon1021, found this in spanish


http://www.geocities.com/ladidel_jetico/jeticoindex


I hope this helps.

 

I'm fairly new to Jetico, but their help file implies your supposed to make "sub tables" for different application classes (you create a sub-table by right clicking on root and selecting insert table). These "sub tables" are templates that are then available in the "handle as....." pulldown menu on the popup message box. When you get the pop up alert the first time for a new application, you don't check "Allow this activity"; instead, you check the "handle as ....." radiobutton, and then select the template that you custom- created. Jetico comes with a premade template for web browsers. The first time you run firefox, opera, ie, etc, you should check "handle as...." web browser.

If you look at the "web browser" table, you'll see it has 4 rules:
1. allow access to network
2. outbound TCP port 80 (http)
3. outbound TCP port 443 (https)
4. continue (default action)


To create a rule table for a chat programs (AIM, MSN, and yahoo messenger), I first inserted a table by right clicking root, and selecting insert table. I renamed the table "chat program". The new table only had one rule (continue). I inserted 5 rules above the continue rule :

1. allow access to network
2. allow outbound port 5190 (for AIM)
3. allow outbound port 1863 (for msn)
4. allow outbound port 443 (for passport)
5 allow outbound port 5050 (for yahoo)

When I subsequently ran each of those programs, I was then able to select handle as..... chat program, and "remember my answer". (If you look in the help file under advanced firewall configuration, you'll find a lot more of the details on each step.)

This approach allows you to parse through you rule set much more efficiently than just one long rule list like what Kerio did (think binary search tree). If you're not using the table based approach with jetico, I personally think you're missing out on the strongest point of the program (efficient rule parsing).

 

Thanks ! I have been using Kerio 4.2 and Netveda lately but I may give Jetico another go.