echo Enabling firewall [ $KVERSION = "2.2" ] && { # # Block incoming connections to port 25 (smtp) # This is easier than making sendmail secure, as # I don't receive mail on my local machines # ipchains -A input -i eth0 -p TCP -d 0/0 25 -j DENY # # I run AppleTalk internally to service a Mac # client, but I don't # want anyone to touch that from the outside # I'm not sure if this is right, but I saw it # somewhere ipchains -A input -i eth0 -p TCP -d 0/0 548 -j DENY ipchains -A input -i eth0 -p UDP -d 0/0 548 -j DENY # Block outside connections to lpd # This shouldn't matter, but I'm paranoid ipchains -A input -i eth0 -p TCP -d 0/0 515 -j DENY } || { # Totally cut off outside access to SMTP /sbin/ipfwadm -I -a reject -W eth0 -P tcp -D 0.0.0.0/0 25 # Totally cut off outside access to AppleTalk /sbin/ipfwadm -I -a reject -W eth0 -P tcp -D 0.0.0.0/0 548 /sbin/ipfwadm -I -a reject -W eth0 -P udp -D 0.0.0.0/0 548 # And cut off lpd connections /sbin/ipfwadm -I -a reject -W eth0 -P tcp -D 0.0.0.0/0 515 }