#1  04-20-2012, 04:02 AM
CrankyUser (Junior Member)
PF Firewall exceptions
As a total noob to pcbsd ...

I have read a bit of the manual ... on firewalls.

Q1: What are the listed "Exceptions" for? Some services were "unknown." I find that disturbing. Call me crazy but I deleted every exception... Did I disable my firewall?

Q2: In Ubuntu, GUFW, the GUI FW manager, was simple and provided a listening report and notifications... I miss it. Any similar PCBSD apps?
#2  04-20-2012, 05:04 AM
Weixiong (Senior Member)
You can drive yourself nuts if you fixate on your firewall logs, watching every random port scan bouncing off your firewall, because if it's configured correctly that's all they do, and more than likely there's no sign you're even there if it doesn't respond to pings.

As long as you don't have any open ports there's really not much to worry about, and if you're behind a router, even less so. A scan from the net doesn't reach your machine if you're behind a router; it's scanning your router, and most act like a firewall.

The majority of web traffic is carried out on TCP protocol to ports on your machine: HTTP on remote port 80, HTTPS on remote port 443, etc. The exceptions were just generic rules for you to use if you need to and really shouldn't be there if you're not using them, but back to the router argument. You didn't hurt anything by deleting rules you aren't going to use. Better for now to delete them than set them to block.

That said, I've spent the last week trying to figure out what's wrong with the GUI on this one and finally figured it out today. The powers that be will be looking into it, and for right now I wouldn't worry if I were you, as long as you aren't connecting to the net by dialup or running a server.

I do commend you on wanting to learn about them though, but it's too vast a subject to fully explain here. If you want to learn about this one read up on the OpenBSD pf firewall.

P.S. The "unknown" section you were worried about covers ports in the range of 49152-65535 and is where services such as HTTP connect to UNIX boxes. It's referred to as unknown because of the different services that could be using those ports to connect to your machine.

Last edited by Weixiong; 04-20-2012 at 02:01 PM.
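To put the reply's "as long as you don't have any open ports" test into practice on a PC-BSD/FreeBSD box, here is an added example (not from the thread or the PC-BSD project) that turns `sockstat -4` output into a listening report of the kind GUFW gave and says which sockets would need a pass-in exception to be reachable; the sockstat sample below is constructed and the function names are my own.

```python
"""Listening-socket report over `sockstat -4` output (FreeBSD/PC-BSD).
Added example; the sample output is constructed, not captured from a real host."""

# The range the reply calls "unknown": ephemeral ports used by the client side
# of outbound connections. Stateful pf rules let replies back in without any
# inbound exception for these ports.
EPHEMERAL_LOW, EPHEMERAL_HIGH = 49152, 65535

# Constructed sample in the column layout `sockstat -4` prints on FreeBSD.
SAMPLE_SOCKSTAT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
www      nginx      901   6  tcp4   *:80                  *:*
mysql    mysqld     877   12 tcp4   127.0.0.1:3306        *:*
user     firefox    1203  41 tcp4   192.168.1.10:51722    93.184.216.34:443
root     syslogd    655   7  udp4   *:514                 *:*
"""

def parse_sockstat(text):
    """Yield (command, proto, local_addr, local_port, foreign) per socket line."""
    for line in text.splitlines()[1:]:          # first line is the header
        fields = line.split()
        if len(fields) < 7:
            continue                             # blank or malformed line
        command, proto, local, foreign = fields[1], fields[4], fields[5], fields[6]
        addr, _, port = local.rpartition(":")    # "*:22" -> ("*", "22")
        yield command, proto, addr, int(port), foreign

def classify(addr, port, foreign):
    """Say whether a socket needs an inbound pf exception to be reachable."""
    if foreign != "*:*":
        # Established outbound connection: pf's state table handles the replies.
        where = "ephemeral" if EPHEMERAL_LOW <= port <= EPHEMERAL_HIGH else "non-ephemeral"
        return f"client connection ({where} local port), state-tracked"
    if addr in ("127.0.0.1", "localhost"):
        return "listening on loopback only, unreachable from the network"
    return "listening on the network, reachable only with a pass-in rule"

def report(text=SAMPLE_SOCKSTAT):
    """Return (command, proto, port, verdict) tuples for every socket."""
    return [(cmd, proto, port, classify(addr, port, foreign))
            for cmd, proto, addr, port, foreign in parse_sockstat(text)]

def exposed_ports(text=SAMPLE_SOCKSTAT):
    """Only the (proto, port) pairs that are open to the network if pf lets them in."""
    return sorted((proto, port) for _, proto, port, verdict in report(text)
                  if verdict.startswith("listening on the network"))

if __name__ == "__main__":
    for cmd, proto, port, verdict in report():
        print(f"{cmd:<10}{proto:<6}{port:<7}{verdict}")
```

On a real machine, pipe `sockstat -4 | python3 report.py` style input into `report()`; an empty `exposed_ports()` result is the "no open ports" case the reply describes.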