OPENLYSECURE


questions/comments send us feedback
��Welcome !
Linux Resources  OpenBSD Resources  Security Resources  General Information 
Jun. 27, 2017


main | general :: mailbag :: 21

From: Luke B. Date: 22/5/00

Hi,

I've just purchased and absorbed your new book. It was excellent, and I will
be using it to set up three OpenBSD firewalls for my business. I was wondering
about a couple things, however.

In Chapter 10, "Tuning Your Firewall," page 301, you state that the line:

block in on eth0 proto tcp from any to any port = 80

should come before those stated on page 297. However, if this were the case:

block in on eth0 proto tcp from any to any port = 80
pass in on lo all
pass in on eth0 all

the last line would be matched, and port 80 requests would never be blocked,
due to the fact that IPFilter blocks the last matched rule. A similar situation
exists on page 306.

Please let me know if I'm missing something!!! If not, and these are actual
errors, then I hope that this can help your book!

Thank you for an excellent tutotial and reference,

Notify me whenever the general section of this site is updated

Email this page to a friend or colleague

Show a printer-friendly version of this page


openlysecure.org