This discussion has been locked.

Network Protection -> Firewall Iptables

Hello,

I have displayed the iptables and do not understand to which chain new rules are added.

Are "Automatic Firewall Rules" added to chain AUTO_INPUT or AUTO_FORWARD and "Custom Firewall Rules" only added to chain USR_FORWARD?

And I don't understand what target "confirmed" means either. I only know ACCEPT, REJECT or DROP.

 

 pkts bytes target     prot opt in     out     source               destination
   10 12680 CONFIRMED  tcp  --  any    any     anywhere             anywhere             multidev in-interfaces eth4,eth0 tcp spts:1024:65535 dpt:aocp

 

Feel free to reply in German as well.

Thanks.

 

 

 



  • Hello Stefan,

    This is from conntrack: "Connection is confirmed: originating packet has left box."

    Please give an example of an 'Automatic firewall rules' selection you're asking about.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Example? All my "automatic rules" are displayed in either the auto_forward or the usr_forward chain. The only "automatic firewall rule" displayed in the Auto_Input chain is the IPsec connection.

    But maybe I understand the rules after looking at this graphic from the post again.



    https://community.sophos.com/products/unified-threat-management/f/general-discussion/22065/rulz

     

    But in which file can I even find the rules? etc/sysconfig? But I don't see the file there.

     

  • Interesting question, Stefan.  Try a Google on site:community.sophos.com/products/unified-threat-management/f location iptables and come back and tell us what you found out.  I found a post from 2001 that gave a location that no longer exists.  I don't recall seeing anything recently.

    What is the motivation for asking this question?

    Cheers - Bob

     
  • My motivation is to learn from the rules created by Sophos.

    But I couldn't find the right place for the iptables either. :(

    Except this path /var/mdw/etc/iptables

    But these don't look like the right files.

    Greets

    Stefan
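
For reading a listing like the one in the question, the following added example (not from the thread or from Sophos) parses `iptables -L -v` output, records which chain each rule sits in, and labels every target as a built-in verdict, a jump to another listed chain, or anything else, which is how CONFIRMED comes out when no chain of that name is listed. The sample listing is constructed: only the chain names and the CONFIRMED rule come from the thread, and the placement of rules in chains is assumed.

```python
import re

# Constructed listing in `iptables -L -v` layout. Chain names and the CONFIRMED
# rule are from the thread; the other rules, counters and the placement of
# rules in chains are made up for illustration.
SAMPLE = """\
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  300 40000 AUTO_FORWARD  all  --  any    any     anywhere             anywhere
  200 30000 USR_FORWARD  all  --  any    any     anywhere             anywhere

Chain AUTO_FORWARD (1 references)
 pkts bytes target     prot opt in     out     source               destination
   10 12680 CONFIRMED  tcp  --  any    any     anywhere             anywhere             multidev in-interfaces eth4,eth0 tcp spts:1024:65535 dpt:aocp

Chain USR_FORWARD (1 references)
 pkts bytes target     prot opt in     out     source               destination
    5   300 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:https
    0     0 DROP       all  --  any    any     anywhere             anywhere
"""

BUILTIN = {"ACCEPT", "DROP", "RETURN", "QUEUE"}  # verdicts built into iptables
CHAIN_RE = re.compile(r"^Chain (\S+) \(")

def parse_listing(text):
    """Return {chain name: [target of each rule, in order]}."""
    chains, current = {}, None
    for line in text.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            current = m.group(1)
            chains[current] = []
            continue
        fields = line.split()
        # Rule rows begin with the packet counter; header rows begin with "pkts".
        # Assumes every rule has a target (a target-less rule shifts the columns).
        if current and len(fields) >= 3 and fields[0][0].isdigit():
            chains[current].append(fields[2])
    return chains

def classify_targets(chains):
    """Label each target: built-in verdict, jump to a listed chain, or extension."""
    def kind(t):
        return "builtin" if t in BUILTIN else "chain" if t in chains else "extension"
    return {t: kind(t) for targets in chains.values() for t in targets}

if __name__ == "__main__":
    parsed = parse_listing(SAMPLE)
    for name, targets in parsed.items():
        print(f"{name}: {targets}")
    print(classify_targets(parsed))
```

Run against a full listing, a target labelled "chain" can be followed to its own `Chain ...` section, while one labelled "extension" is implemented by a target module rather than by rules in the listing.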