Origo 8400 Firewall setup


Post by workflow » Tue May 02, 2006 10:54 am

I am finding the firewall on the Origo 8400 somewhat restrictive - just want to know if I am missing a trick ...

I have set up a blocking entry in the incoming that denies everything on Any IP/Any Port src and dest but before this in the incoming rules I have set some overrides for the traffic I want to allow - basically I want to allow DNS, POP3, NTP, NNTP, SMTP traffic but nothing else.

I have found that despite my assumption that e.g. POP3 would need to be allowed outgoing to port 110 it seems to need incoming on port 110 too - so by the time I have added all the rules I am short of rules as the SafeCom firmware (on CX82xxx_4.1.0.21) only allows 10 rules incoming and 10 outgoing.

So I thought I would try the favoured JMK firmware - and found this only allows 6 rules period (in + out) - so either I am missing something about how this firewall needs to be configured for max security or I need either a firmware that allows a lot more rules or perhaps a different router ...

Any ideas please - I would especially like to know how many rules the other firmwares allow (Billion etc) as this info seems to be missing from the firmware info charts.

Thanks in advance for any help out there .....
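
A model of why the reply leg needs its own rule, added here as an example and not part of the original post or any firmware's code. It assumes the router filters statelessly with first-match rules (an assumption about the Origo 8400, not confirmed in the thread); `Rule`, `decide`, `build_policy` and `fits` are hypothetical names, and the 10-per-direction and 6-total limits are the figures quoted in the post.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    proto: Optional[str] = None      # None = any protocol
    src_port: Optional[int] = None   # None = any port
    dst_port: Optional[int] = None

    def matches(self, proto, src_port, dst_port):
        return (self.proto in (None, proto)
                and self.src_port in (None, src_port)
                and self.dst_port in (None, dst_port))

def decide(rules, proto, src_port, dst_port):
    """Stateless first-match evaluation: each packet is judged on its own."""
    for rule in rules:
        if rule.matches(proto, src_port, dst_port):
            return rule.action
    return "allow"  # assumed default when nothing matches

# Well-known server ports for the services named in the post.
SERVICES = {"DNS": ("udp", 53), "SMTP": ("tcp", 25), "POP3": ("tcp", 110),
            "NNTP": ("tcp", 119), "NTP": ("udp", 123)}

def build_policy(services, allow_replies=True):
    """Return (outgoing, incoming) rule lists, each ending in deny-all."""
    outgoing = [Rule("allow", p, dst_port=port) for p, port in services.values()]
    incoming = ([Rule("allow", p, src_port=port) for p, port in services.values()]
                if allow_replies else [])
    return outgoing + [Rule("deny")], incoming + [Rule("deny")]

def fits(outgoing, incoming, per_direction=None, total=None):
    """Check a policy against a firmware rule limit (figures from the post)."""
    if per_direction is not None:
        return max(len(outgoing), len(incoming)) <= per_direction
    return len(outgoing) + len(incoming) <= total

if __name__ == "__main__":
    CLIENT_PORT = 49152  # constructed ephemeral port on the LAN client
    for replies in (False, True):
        out, inc = build_policy(SERVICES, allow_replies=replies)
        request = decide(out, "tcp", CLIENT_PORT, 110)   # client -> POP3 server
        reply = decide(inc, "tcp", 110, CLIENT_PORT)     # POP3 server -> client
        print(f"reply rules={replies}: request {request}, reply {reply}, "
              f"{len(out)} out + {len(inc)} in rules")
    print("fits 10 per direction:", fits(out, inc, per_direction=10))
    print("fits 6 in total:", fits(out, inc, total=6))
```

Under this model the incoming allow rules match on source port alone, which is weaker than connection tracking in a stateful firewall.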

Post by Neo » Tue May 02, 2006 11:16 am

Hi workflow,

IMHO it's not necessary to restrict data to DNS, POP3, NTP, NNTP and SMTP traffic in order to get your router/network secure, but of course if that's what you want then that's what you should get :)

The NAT and standard firewall protection is fine for the most part, and the occasional port can be blocked by a virtual server.

I'm not 100% sure on this but I don't think many/any firmwares allow more than about 20 policies (I've never actually tried to go above that :oops:).

Alternatives would obviously be to either configure your PC's software firewall to restrict the data or perhaps employ a (redundant) PC (running Smoothwall - http://www.smoothwall.org/ etc) as a standalone firewall.