Kon

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 39 total)
  • in reply to: net firewall NATing #7176

    Kon
    Participant

    Hi.

    Please describe how you are trying to set up NAT in NeT Firewall. The procedure is different than in IG.

    You can also read the help on how to do it.

    in reply to: NeT Firewall 2.x Does Not Load Port Mapping on Startup #6554

    Kon
    Participant

    Hi.

    Thank you for your report about port mapping. Please use the latest version of NeT Firewall.

    in reply to: Help Configuring Firewall #6338

    Kon
    Participant

    Hi.

    Please tell me which version of NeT Firewall you have.

    It seems to me your configuration is proper, but in some previous version we had a bug with one-direction rules.

    Please contact me by mail.

    andrew@ntkernel.com

    in reply to: Net Firewall Blocking Rules #6158

    Kon
    Participant

    Hi.

    You see TCP and UDP connections when you click the Active Connections program node.

    If you click the Packet Log node, you will see all packets that arrived on your system.

    Do not forget to start the log (the log is started after installation).

    If you set High Security Level on any network adapter, only packets matching allow rules will be passed to the system.

    Regards,
    Andrew

    in reply to: NAT and IP Shaper status for NeT Firewall #6141

    Kon
    Participant

    We are going to include NAT and IP shaper as soon as possible and are currently preparing the user interface to cover it. We hope to finish it up this year.

    We have an API to communicate with the Firewall, but it is still not open to end users. We will discuss the possibilities of opening it to registered users on special request.

    Regards,
    Andrew

    in reply to: Log Sizes & Permanent Storage #6091

    Kon
    Participant

    Hi.

    In the current version of NeT Firewall you can save the list of logged packets to a file.

    Automatic file logging is not implemented yet.

    Regards,
    Andrew

    in reply to: Net firewall is not statefull #6081

    Kon
    Participant

    We will improve our internal interface to avoid such a problem.

    To allow incoming DNS, please turn off DNS inspection in the Option menu.

    Regards,
    Andrew

    in reply to: Net Firewall blocking ports #6088

    Kon
    Participant

    Thank you for your post about NeT Firewall.

    Could you please send a screenshot of the rules and the part of the log where you think that the firewall does not work properly to andrew@ntkernel.com

    Regards,
    Andrew

    in reply to: Net firewall Natting for 2 network cards #6076

    Kon
    Participant

    We are going to include NAT and traffic shaper at the end of July.

    in reply to: Net firewall Natting for 2 network cards #6074

    Kon
    Participant

    Thank you for choosing NeT Firewall.

    In the current version of NeT Firewall, NAT is not implemented, and you can use Routing and Remote Access, ICS included in your operating system.

    Andrew

    in reply to: UDP checksum recalculation #6063

    Kon
    Participant

    VOID
    RecalculateUDPChecksum (
        PINTERMEDIATE_BUFFER pPacket
        )
    {
        udphdr_ptr pUdpHeader = NULL;
        unsigned short word16, padd = 0;
        unsigned int i, sum = 0;
        PUCHAR buff;
        DWORD dwUdpLen;

        iphdr_ptr pIpHeader = (iphdr_ptr)&pPacket->m_IBuffer[sizeof(ether_header)];

        // Sanity check
        if (pIpHeader->ip_p == IPPROTO_UDP)
        {
            pUdpHeader = (udphdr_ptr)(((PUCHAR)pIpHeader) + sizeof(DWORD)*pIpHeader->ip_hl);
        }
        else
            return;

        dwUdpLen = ntohs(pIpHeader->ip_len) - pIpHeader->ip_hl*4;//pPacket->m_Length - ((PUCHAR)(pTcpHeader) - pPacket->m_IBuffer);

        // Odd length: append one zero byte so the data splits into 16 bit words
        if ( (dwUdpLen/2)*2 != dwUdpLen )
        {
            padd=1;
            pPacket->m_IBuffer[dwUdpLen + pIpHeader->ip_hl*4 + sizeof(ether_header)] = 0;
        }

        buff = (PUCHAR)pUdpHeader;
        pUdpHeader->th_sum = 0;

        // make 16 bit words out of every two adjacent 8 bit words and
        // calculate the sum of all 16 bit words
        for (i=0; i< dwUdpLen+padd; i=i+2){
            word16 =((buff[i]<<8)&0xFF00)+(buff[i+1]&0xFF);
            sum = sum + (unsigned long)word16;
        }

        // add the UDP pseudo header which contains:
        // the IP source and destination addresses,

        sum = sum + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_src.S_un.S_un_w.s_w2);
        sum = sum + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w1) + ntohs(pIpHeader->ip_dst.S_un.S_un_w.s_w2);

        // the protocol number and the length of the UDP packet
        sum = sum + IPPROTO_UDP + (unsigned short)dwUdpLen;

        // keep only the last 16 bits of the 32 bit calculated sum and add the carries
        while (sum>>16)
            sum = (sum & 0xFFFF)+(sum >> 16);

        // Take the one's complement of sum
        sum = ~sum;

        // A computed checksum of zero is transmitted as all ones (RFC 768)
        if ((unsigned short)sum == 0)
            sum = 0xFFFF;

        pUdpHeader->th_sum = ntohs((unsigned short)sum);
    }
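A bounds-checked variant of the routine above, as an added example that is not part of the original post or of the product's code. It works on raw frame bytes instead of the driver's structures; the name `udp_fix_checksum`, the byte offsets used in place of the header types, and the sample frame are assumptions made for illustration. It rejects frames whose on-wire length fields exceed the captured bytes and handles an odd payload length without writing a pad byte past the data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ETH_HLEN 14
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Recompute the UDP checksum of an Ethernet/IPv4/UDP frame in place.
 * Returns 0 on success, -1 if the frame is not IPv4/UDP or its length
 * fields do not fit inside frame_len (the frame is left unmodified then). */
int udp_fix_checksum(uint8_t *frame, size_t frame_len)
{
    if (frame_len < ETH_HLEN + 20 || rd16(frame + 12) != 0x0800) return -1;
    uint8_t *ip = frame + ETH_HLEN;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4, ip_len = rd16(ip + 2);
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17) return -1;
    /* ip_len comes from the wire: bound it by the bytes actually captured. */
    if (ip_len < ihl + 8 || ETH_HLEN + ip_len > frame_len) return -1;
    uint8_t *udp = ip + ihl;
    size_t udp_len = ip_len - ihl;
    if (rd16(udp + 4) != udp_len) return -1;   /* UDP length must agree with IP */
    uint32_t sum = 17 + (uint32_t)udp_len;     /* pseudo-header: protocol + UDP length */
    for (size_t i = 12; i < 20; i += 2) sum += rd16(ip + i);   /* src and dst address */
    udp[6] = udp[7] = 0;                       /* checksum field counts as zero */
    for (size_t i = 0; i + 1 < udp_len; i += 2) sum += rd16(udp + i);
    if (udp_len & 1) sum += (uint32_t)udp[udp_len - 1] << 8;   /* virtual zero pad */
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);      /* fold the carries */
    uint16_t csum = (uint16_t)~sum;
    if (csum == 0) csum = 0xFFFF;              /* RFC 768: zero means "no checksum" */
    udp[6] = (uint8_t)(csum >> 8); udp[7] = (uint8_t)(csum & 0xFF);
    return 0;
}

/* Constructed sample: 192.168.0.1:1234 -> 192.168.0.199:53, payload "hello",
 * with a deliberately wrong checksum (0xdead) in the UDP header. */
static const uint8_t sample_frame[47] = {
    0,0,0,0,0,0, 0,0,0,0,0,0, 0x08,0x00,
    0x45,0x00,0x00,0x21, 0,0,0,0, 0x40,0x11,0,0,
    0xc0,0xa8,0x00,0x01, 0xc0,0xa8,0x00,0xc7,
    0x04,0xd2,0x00,0x35, 0x00,0x0d,0xde,0xad, 'h','e','l','l','o'
};

int main(void)
{
    uint8_t f[sizeof sample_frame];
    memcpy(f, sample_frame, sizeof f);
    int rc = udp_fix_checksum(f, sizeof f);
    printf("rc=%d checksum=%02x%02x\n", rc, f[40], f[41]);
    return 0;
}
```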

    in reply to: NeT Firewall – Allow ICMP Within Local Network #6055

    Kon
    Participant

    Hi.

    Thanks for your comments about our product.

    If I understand you correctly, you have an internal network interface, for example Local Area Connection, and an external network interface.

    In the program tree you can find ICMP Security, and it is different for different interfaces.

    Please allow ICMP Echo Reply using the sub-tree corresponding to the internal interface, and block ICMP Echo Reply using the sub-tree corresponding to the external interface.

    Regards,
    Andrew

    in reply to: I have some question about web redirection. #6035

    Kon
    Participant

    Hi. It is impossible or very hard to redirect to an alert site.

    The problem is that when you detect that the site is harmful, a connection is being established between the client and the harmful site. But there is no connection between the client and the alert site. If you redirect such a packet to the alert site, it simply drops it.

    The one easy way to do it is to answer the GET query packet yourself. Just create a packet with an answer as any site does.

    But it needs some special knowledge about TCP and HTTP.

    Regards,
    Andrew

    in reply to: NET Firewall supporting Outging NAT ??? #6033

    Kon
    Participant

    Hi.

    Yes, you can also use Port/Protocol mapping in your case.

    If you use P/PMapping in the first case, why do you have a problem using it in the second case?

    Regards,
    Andrew

    in reply to: NeT Firewall – Application-based security rules? #5953

    Kon
    Participant

    Hi.

    The beta version is still under development. I will post a new message on the forum where users will be able to download the beta.

    Regards,
    Andrew
