Help for a dumbass Jetico PF2 user

Discussion in 'other firewalls' started by n8chavez, Jun 24, 2008.

Thread Status:
Not open for further replies.
  1. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Is there any one out there that can help me put togetther a tight (secure) ruleset for JPF2? Something similar to what Phantom did for LnS would be nice. I am not new to rule-based firewall, but I am to the table-based approach JPF2 uses and I have no idea where to begin.
     
  2. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    I should specify that I'm looking for help only in creating a secure set of internet filtering rules not application rules.
     
  3. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Well that's a bummer. I had hoped more people would be willing to dhare their filtering rulesets, seeing as how that is the main function of a firewall. No matter, on with more questions:

    1. How can I access my application rules? I answer application popups based on the rule 'template' or I create my own but I cannot find where any of those are located. I think I might need to edit some of them.

    2. How do I enable stateful packet inspection? I understand JPF only has limited TCP inspection but I do not know how to enable it.
     
  4. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello n8 :)

    There are not many Jetico users around. As far as I have noticed, they think Jetico is too "complicated" to set up or too "intrusive" or whatever. It is neither, you just need to take a good look at it and everything becomes very logical.

    I am not aware of what Phant0m did for LnS as I have never tried his ruleset. But LnS has the ability to create/use RAW rules in conjuction with MAC filtering, and such granularity to filter lower OSI layers is (unfortunatelly still) not possible with Jetico.

    In Jetico IP table filesharing is enabled by default as well as DHCP and ICMP ping. This is where you enable/disable stateful inspection as well -

    290608a.jpg

    You may wish to adjust this to your specific needs but you would need to state your hardware and software config at least as a starting point. This in fact does have nothing to do with Jetico, it is networking and is same with every firewall.

    290608b.jpg

    When you select a table from a popup, it will be shown in the ruleset as a child (subfolder) of "network activity". The screenshot is a default install of Jetico in a VM, so it does not have any (yet).

    Cheers,
     
  5. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Hi n8chavez,

    copy/past job on several forums? ;)
     
  6. wat0114

    wat0114 Guest

    n8chavez,

    by all means, read the user guide. I read it over several times and it helped alot, even thoough it could be better written, but then can't they all be ;)

    It's also nice to arrange applications that have same rules into "Groups". The same can be done for IP rules. Grouping these will reduce clutter and afford better efficiency in Jetico's rules processing.
     

    Attached Files:

  7. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Of course...the broader the net the more help I get. :)

    I have read the user guide many times, but my interface doesn't look like what the screenshots above do. There is nothing for me to expand that would reveal the options I'm looking for.
     

    Attached Files:

    • 1.png
      1.png
      File size:
      43.9 KB
      Views:
      181
    • 2.png
      2.png
      File size:
      51.4 KB
      Views:
      180
    • 3.png
      3.png
      File size:
      52 KB
      Views:
      187
  8. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    Also, somethibg weird keeps happening. My connection seems to be blocked from time to time for up to a minute; nothing goes in or out. I know I did that, but what rule(s) would cause that (which I need to edit)?
     
  9. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello n8chavez.

    You shoud mask your nameserver when posting a screenshot :)

    300608.JPG

    As for the groups, wat0114 above customized them. Yours are default.

    This may be due to DHCP. Are you using it or have you fixed your IP?
     
Loading...
Thread Status:
Not open for further replies.