CPUG

The Check Point User Group

#1, 2005-09-25, SComerford (Junior Member)

Help with Rules - NOKIA IP40

I have purchased a NOKIA IP40 with SofaWare's integrated Check Point Firewall-1 software, which allows up to 15 rules to be defined.
I am not 100% sure on how to order the rules, or if I really need them all.
Please offer some advice if you're a good rules writer.
I have two PCs which use mIRC a lot and have specific IP ranges defined for each, as well as some other video/web/agents running. I have added rules to allow and forward for these. The blocks on ports 123 and 1234 were to block some unknown trojan that is attaching to my PC every time I power it on using those ports.

Here's the current setup and order:

# Firewall rules
clear fw rules
add fw rules service custom action block src any dest any ports 1234 protocol tcp
add fw rules service custom action block src lan dest wan ports 123 protocol udp
add fw rules service custom action block src lan dest 207.46.130.100 ports 1-65000 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 3340-3350 protocol tcp
add fw rules service custom action block src 207.46.130.100 dest 192.168.0.87 ports 1-65000 protocol udp
add fw rules service custom action block src wan dest lan ports 123 protocol udp
add fw rules service telnet action block src wan dest any ports 23 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 1532-1538 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 59 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 5100 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 8000-8885 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.87 ports 4000-4500 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 8887-9000 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 2000-2005 protocol tcp
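An added example, not part of the original post and not Nokia or SofaWare tooling: in an ordered rule list, position can only change the outcome for two rules that take different actions and can match the same packet, so this Python sketch parses the posted rule lines and lists such pairs. It assumes `lan` and `wan` are disjoint zones and treats a zone compared with a literal IP as possibly overlapping; the function names are hypothetical.

```python
import re

# Rule lines copied from the post above; the action spelling is kept as posted.
POSTED = """\
add fw rules service custom action block src any dest any ports 1234 protocol tcp
add fw rules service custom action block src lan dest wan ports 123 protocol udp
add fw rules service custom action block src lan dest 207.46.130.100 ports 1-65000 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 3340-3350 protocol tcp
add fw rules service custom action block src 207.46.130.100 dest 192.168.0.87 ports 1-65000 protocol udp
add fw rules service custom action block src wan dest lan ports 123 protocol udp
add fw rules service telnet action block src wan dest any ports 23 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 1532-1538 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 59 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 5100 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 8000-8885 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.87 ports 4000-4500 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 8887-9000 protocol tcp
add fw rules service custom action allowandforwared src wan dest 192.168.0.151 ports 2000-2005 protocol tcp
"""
FIELDS = re.compile(
    r"action (\S+) src (\S+) dest (\S+) ports (\d+)(?:-(\d+))? protocol (\S+)")

def parse(text):
    """Return one dict per rule line, numbered from 1 in listed order."""
    rules = []
    for line in text.splitlines():
        m = FIELDS.search(line)
        if m:
            act, src, dst, lo, hi, proto = m.groups()
            rules.append(dict(n=len(rules) + 1, action=act, src=src, dst=dst,
                              lo=int(lo), hi=int(hi or lo), proto=proto))
    return rules

def may_overlap(a, b):
    """Assumption: only two different literals of one kind (lan/wan, IP/IP) are disjoint."""
    if a == b or "any" in (a, b):
        return True
    zones = {"lan", "wan"}
    return (a in zones) != (b in zones)  # zone vs. IP: unknown, assume overlap

def conflicts(rules):
    """Pairs with different actions that could match the same packet."""
    return [(a["n"], b["n"])
            for i, a in enumerate(rules) for b in rules[i + 1:]
            if a["action"] != b["action"] and a["proto"] == b["proto"]
            and a["lo"] <= b["hi"] and b["lo"] <= a["hi"]
            and may_overlap(a["src"], b["src"]) and may_overlap(a["dst"], b["dst"])]

if __name__ == "__main__":
    print(conflicts(parse(POSTED)))
```

On the 14 posted rules it reports no such pair, so under these assumptions reordering them would not change which packets are blocked or forwarded.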