new to CHX-I

Discussion in 'other firewalls' started by Gargoyle, Mar 27, 2008.

Thread Status:
Not open for further replies.
  1. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    I click on every option but did not seem them. How do I reach these screens? Much thanks in advance.
     

    Attached Files:

  2. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    To create a Defined list:

    Expand "Defined Lists"
    Right click on the desired list type
    Left click on "New"


    For Interface Properties:

    Expand "Packet Filters (Global)"
    Right click on "Local Area Connection"
    Left click on "Properties"
     
  3. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    in CHX-I 3.0, with the default wan_start ruleset, you do not need that particular rule.
    btw, I replied to your PM...
     
  4. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    Is that correct setup for the Interface Properties screen when given those options? There is so much to learn about CHX-I.


    glentrino2duo, I sure did and already replied. thanks once again =)
     
  5. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
  6. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    I've enabled SPI for everything but now allow fragamented packets too. Thanks for the link.
     
  7. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    Somewhere there was a further discussion with Stephan_R about fragmented
    packets, but I can't find it. IIRC, leaving the Deny All Incoming
    Fragmented Packets option unchecked does not mean you are allowing
    all fragmented packets. There are instances of legitimate packet
    fragmentation, but I don't have the technical skills to explain it.
    In some cases of legitimate packet fragmentation, CHX3 recognizes
    that by other means I believe, perhaps in its implementation of SPI.
    Someone like Stem might be able to explain it, but not me. Checking
    the Deny option simply rejects all fragmentation.
     
  8. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    I having trouble setting up SPI protection without getting my connection blocked. I currently use DSL service from AT&T.
     
  9. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    Make certain you imported the wan_start rule set to the green Local Area
    Connection network interface card icon, not the IP address.

    Make certain the Incoming ARP allow rule in the wan_start rules is turned on.
     
  10. Xthink

    Xthink Registered Member

    Joined:
    Sep 13, 2008
    Posts:
    11
    Good day everyone!

    Is CHX-I for network wiz use only? Is there any documentation/Tutorial and sample ruleset that could help me start using it?
     
  11. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    There was a sample ruleset, very simple, just a couple of rules. All of it, including CHX-I, is long gone now, the site is no longer. I don't even know where you can find or download any of it now either...... It was a great firewall, but pretty much history now unless you can grab a copy somewhere.

    Edit: Sorry, just saw the posts in the other CHX thread. You really should just post once and not in 3 or more threads asking the same question. Others have posted links to CHX and everything available. It's pretty much a learn by doing thing. You might Google for any further CHX tutorial type material also.
     
  12. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    You could always check their old pages
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Unfortunately, none of the links there seem to work, including the documentation pages.... they are not archived...
     
  14. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    If you go to the main page at http://web.archive.org/web/*/http://idrci.net/ you should be able to go and read a good deal of their old pages (just forget the 2007 badleading redirect links).

    ex.:
    CHX.png

    EDIT: you can also download their "CHX-I Packet Filter Documentation" (CHM help file).
     
    Last edited: Sep 14, 2008
Loading...
Thread Status:
Not open for further replies.