2.1.5 is the perfect firewall except for a problem handling fragmented
packets. Go here to get something that will run behind 2.1.5 and eliminate
that problem - CHX Packet Filter.
http://www.idrci.net/
YES. At least it does here.
sudo rm -rf /home/elaich:
Sorry if this is a silly question, but how to configure CHX Packet
Filter for handling fragmented packets? The interface is just too
technical for me (I don't know much about networking and TCP/IP).
Kerodo said:CHX will do an analysis of any and all fragmented packets on it's own
without any configuration from you. You can, if you really want to,
turn on an option that will deny ALL fragmented packets, however, this
is probably not wise or necessary.
Best thing to do is a quick study of the online docs. This will
explain the basics to you. In it's default, out of the box
configuration, CHX does nothing. You need to import the sample rule
set to start off with, then also make sure you right click on the
Interface section and select Properties, then turn on stateful
inspection (SPI) for all protocols (TCP/UDP/ICMP). Without this it's
likely that CHX will do no filtering at all. Use the sample rule set
to start with, modify as needed for any inbound you need with force
allow rules. You may not need any unless you do p2p or have programs
that operate as servers. You will also want to turn on logging as
well in Interface Properties.
Once you get the hang of it, it's really quite simple rule-wise. All
you need are just a couple rules and the options turned on (SPI) in
Interface Properties and you're good. But again, the online docs are
a good place to look to start off with.
"Helen" said:What's this? : Download the CHXT **TRIAL**** products. (from the site).
So, is it or is it NOT FREEWARE?
"Helen" said:What's this? : Download the CHXT **TRIAL**** products. (from the site).
So, is it or is it NOT FREEWARE?
Working well here. Will have to test if firewall interferes with [both
OT, since they're commercial software] VMware and Virtual PC, which do
strange things to network interfaces. (VMware installs its own "virtual
network" devices, Virtual PC uses a "loopback" device).
Kerodo said:It is freeware. Requires you to register online, then you are sent a
serial/key via email. No strings attached.
An email identity is worth money. It can be sold to third parties.
Requiring one is requiring value to be supplied. Even if you currently
have a policy against selling email addresses, the company that buys you
may not.
(e-mail address removed) wrote in
Version 4 was a boondoggle of bloat and bugs. No, unless Sunsoft has
cleaned it up since taking it over.
2.1.5 is the perfect firewall except for a problem handling fragmented
packets. Go here to get something that will run behind 2.1.5 and eliminate
that problem - CHX Packet Filter.
http://www.idrci.net/
Message-ID said:An email identity is worth money. It can be sold to third parties.
Requiring one is requiring value to be supplied. Even if you currently
have a policy against selling email addresses, the company that buys you
may not.
Working well here. Will have to test if firewall interferes with [both
OT, since they're commercial software] VMware and Virtual PC, which do
strange things to network interfaces. (VMware installs its own "virtual
network" devices, Virtual PC uses a "loopback" device).
An email identity is worth money. It can be sold to third parties.
Requiring one is requiring value to be supplied. Even if you currently
have a policy against selling email addresses, the company that buys you
may not.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.