How to test the proper configuration of the firewall

Hi,
I have run the IPFire firewall for years now and have added rules over time.
Last week, I moved to new hardware and to the current 64-bit version.

But how can I test whether my firewall is working as expected?
How can I be sure that all the functions are working and that I have not configured a leak?

Is there a good existing test plan for how to work like an intruder?

Best regards
R.

A penetration test from outside in and another from within your LAN.

Hi,

How can I be sure that all the functions are working and that I have not configured a leak?

For each firewall rule you have configured, you could test if a connection matching that rule is processed properly, i.e. dropped, rejected or allowed. This is somewhat time-consuming, but would suffice for your needs.

Is there a good existing test plan for how to work like an intruder?

To me, this is a different approach: An attacker needs to find one hole, no matter which. This is not necessarily limited to packet filters and could, for example, include exploiting client-side vulnerabilities as well.

I recommend reading some books on penetration testing - it is a complex topic, and simple scans using tools like nmap are not always enough albeit they provide some important information for baselining security of your network.

Thanks, and best regards,
Peter Müller
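
The per-rule check suggested in the reply above, as an added example that is not part of the original thread or of IPFire: it probes one TCP connection per rule and compares the observed handling (allowed, rejected, dropped) with what the rule is supposed to do. The hosts, ports and expected outcomes in `PLAN` are constructed placeholders, and the function names are hypothetical.

```python
import errno
import socket

# Constructed plan: one line per firewall rule with the outcome it should give.
# 192.0.2.0/24 is a documentation range; substitute your own hosts and ports.
PLAN = [
    ("192.0.2.10", 443, "allowed"),
    ("192.0.2.10", 25, "rejected"),
    ("192.0.2.10", 3389, "dropped"),
]

def probe_tcp(host, port, timeout=3.0):
    """Try one TCP connection and classify what happened to it."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "allowed"                      # handshake completed
    except (socket.timeout, TimeoutError):
        return "dropped"                      # no answer at all
    except ConnectionRefusedError:
        return "rejected"                     # TCP RST or ICMP port unreachable
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "rejected"                 # ICMP host/net unreachable or prohibited
        raise
    finally:
        sock.close()

def check_plan(plan, probe=probe_tcp):
    """Return (host, port, expected, observed) for every rule that misbehaves."""
    mismatches = []
    for host, port, expected in plan:
        observed = probe(host, port)
        if observed != expected:
            mismatches.append((host, port, expected, observed))
    return mismatches

if __name__ == "__main__":
    for host, port, expected, observed in check_plan(PLAN):
        print(f"MISMATCH {host}:{port} expected {expected}, observed {observed}")
```

A closed port on the target host also shows up as "rejected", so probe ports where a service is actually listening behind the rule. Run the plan once from outside and once from inside the LAN, since each rule only applies to traffic arriving from its own zone.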