To create a Defined list: Expand "Defined Lists" Right click on the desired list type Left click on "New" For Interface Properties: Expand "Packet Filters (Global)" Right click on "Local Area Connection" Left click on "Properties"
in CHX-I 3.0, with the default wan_start ruleset, you do not need that particular rule. btw, I replied to your PM...
Is that correct setup for the Interface Properties screen when given those options? There is so much to learn about CHX-I. glentrino2duo, I sure did and already replied. thanks once again =)
See this thread: https://www.wilderssecurity.com/showthread.php?t=139457 especially, post #43 by Stefan_R, one of the CHX developers
Somewhere there was a further discussion with Stephan_R about fragmented packets, but I can't find it. IIRC, leaving the Deny All Incoming Fragmented Packets option unchecked does not mean you are allowing all fragmented packets. There are instances of legitimate packet fragmentation, but I don't have the technical skills to explain it. In some cases of legitimate packet fragmentation, CHX3 recognizes that by other means I believe, perhaps in its implementation of SPI. Someone like Stem might be able to explain it, but not me. Checking the Deny option simply rejects all fragmentation.
I having trouble setting up SPI protection without getting my connection blocked. I currently use DSL service from AT&T.
Make certain you imported the wan_start rule set to the green Local Area Connection network interface card icon, not the IP address. Make certain the Incoming ARP allow rule in the wan_start rules is turned on.
Good day everyone! Is CHX-I for network wiz use only? Is there any documentation/Tutorial and sample ruleset that could help me start using it?
There was a sample ruleset, very simple, just a couple of rules. All of it, including CHX-I, is long gone now, the site is no longer. I don't even know where you can find or download any of it now either...... It was a great firewall, but pretty much history now unless you can grab a copy somewhere. Edit: Sorry, just saw the posts in the other CHX thread. You really should just post once and not in 3 or more threads asking the same question. Others have posted links to CHX and everything available. It's pretty much a learn by doing thing. You might Google for any further CHX tutorial type material also.
Unfortunately, none of the links there seem to work, including the documentation pages.... they are not archived...
If you go to the main page at http://web.archive.org/web/*/http://idrci.net/ you should be able to go and read a good deal of their old pages (just forget the 2007 badleading redirect links). ex.: EDIT: you can also download their "CHX-I Packet Filter Documentation" (CHM help file).
