From: Paul Branon on 15 Jun 2010 15:51

I have an internal RFC 1918 computer lab that runs entirely on 192.168.1.0/24 space, and my firewall (within the internal lab) runs between 192.168.1.0/24 and 10.10.10.0/24.

In ipfw I've allowed generously:

    05005 allow tcp from 192.168.1.0/24 to any 3306
    05006 allow tcp from 192.168.1.0/24 to any 33400-33450

I'm not so concerned about 3306 per se. I can modify my allowances of 3306 to suit my purposes. But what I've noticed is that the replies come back on ports higher than 3306 (namely 33400 and upwards). These I've allowed for in my firewall, and all appears to be working splendidly.

But I'd like to know how other people have done it. I've heard of people allowing only port 3306, but I can't see how this works if the replies are on higher ports. (I've tried "allow tcp from any to any 3306 established", but that didn't work.) The only setup that worked is the one I've now got.

Paulb
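The following is an added example, not part of the post above, that models how ipfw-style header matching treats the reply direction of a MySQL connection. It only models what matters here: address and port clauses (which ipfw checks against the packet header regardless of direction) and the `established` keyword, which matches TCP segments carrying ACK or RST. ipfw itself is not run. The topology is an assumption: a MySQL server inside the lab at 192.168.1.10 and a client at 10.10.10.20 whose ephemeral port is 33400; every packet is constructed inline. The three rulesets compared are the post's rule 05006, the post's `to any 3306 established` attempt, and a rule keyed on source port 3306 instead.

```python
"""Model of ipfw-style rule matching for a MySQL connection and its replies.

Added example, not part of the original post. It models only ipfw's header
matching (source/destination address and port) and the `established`
keyword (ACK or RST set). ipfw is not invoked. Topology is an assumption:
server 192.168.1.10:3306 inside the lab, client 10.10.10.20 on port 33400.
"""
import ipaddress
from dataclasses import dataclass

LAB = ipaddress.ip_network("192.168.1.0/24")   # the lab network from the post
ANY = None                                      # "any" address or port


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # subset of {"SYN", "ACK", "RST"}


@dataclass(frozen=True)
class Rule:
    """One `allow tcp from <src> <sport> to <dst> <dport> [established]` rule."""
    src: object = ANY      # ip_network or ANY
    sport: object = ANY    # int, (lo, hi) range, or ANY
    dst: object = ANY
    dport: object = ANY
    established: bool = False


def _addr_ok(spec, addr):
    return spec is ANY or ipaddress.ip_address(addr) in spec


def _port_ok(spec, port):
    if spec is ANY:
        return True
    if isinstance(spec, tuple):
        lo, hi = spec
        return lo <= port <= hi
    return port == spec


def matches(rule, pkt):
    """True if the packet header satisfies every clause of the rule."""
    header_ok = (_addr_ok(rule.src, pkt.src) and _port_ok(rule.sport, pkt.sport)
                 and _addr_ok(rule.dst, pkt.dst) and _port_ok(rule.dport, pkt.dport))
    # `established` is satisfied by any segment with ACK or RST set
    est_ok = (not rule.established) or bool(pkt.flags & {"ACK", "RST"})
    return header_ok and est_ok


def verdict(ruleset, pkt):
    """First matching allow rule wins; the default policy modelled here is deny."""
    for rule in ruleset:
        if matches(rule, pkt):
            return "allow"
    return "deny"


# Constructed traffic: the client's SYN, the server's SYN/ACK, a data segment
# from the server, and an unsolicited new connection from a lab host to port 33420.
SYN = Packet("10.10.10.20", 33400, "192.168.1.10", 3306, frozenset({"SYN"}))
SYNACK = Packet("192.168.1.10", 3306, "10.10.10.20", 33400, frozenset({"SYN", "ACK"}))
REPLY = Packet("192.168.1.10", 3306, "10.10.10.20", 33400, frozenset({"ACK"}))
NEW_OUTBOUND = Packet("192.168.1.25", 51000, "10.10.10.99", 33420, frozenset({"SYN"}))

# Three ways of admitting the reply direction:
PORT_RANGE = [Rule(src=LAB, dport=(33400, 33450))]              # the post's rule 05006
EST_BY_DPORT = [Rule(dport=3306, established=True)]              # the post's attempt
EST_BY_SPORT = [Rule(src=LAB, sport=3306, established=True)]     # replies leave port 3306


def compare(packets=(SYNACK, REPLY, NEW_OUTBOUND)):
    """Map each ruleset name to its verdicts for the given packets, in order."""
    sets = {"port_range": PORT_RANGE, "est_by_dport": EST_BY_DPORT, "est_by_sport": EST_BY_SPORT}
    return {name: tuple(verdict(rs, p) for p in packets) for name, rs in sets.items()}


if __name__ == "__main__":
    for name, v in compare().items():
        print(f"{name:13s} SYN/ACK={v[0]:5s} data={v[1]:5s} new outbound to 33420={v[2]}")
```

Running it shows why the post's `to any 3306 established` attempt passed nothing useful: the server's replies have source port 3306 and the client's ephemeral port as their destination, so a rule keyed on destination port 3306 never sees them. The port-range rule admits the replies but also admits any fresh connection a lab host opens to 33400-33450, whereas the source-port 3306 rule admits only segments that already carry ACK or RST. Because `established` looks only at flag bits, it is still weaker than actual connection tracking; in ipfw that is what `check-state` together with `keep-state` on the rule that permits the initial SYN provides, and it is the usual way to allow only port 3306 while still letting the replies back in.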