»Incoming Firewall Access« blocked or open?

matthaesius · 20 January 2021 22:50

Hello IPFire community,

I have a problem understanding the Incoming Firewall Access.
I wanted a setup as described in this article »Force clients to use IPFire’s DNS proxy«.

This has led me to the understanding that actually any traffic targeted into IPfire FW directly is blocked by default unless explicitly allowed.

Now I am also running Samba Cups and the NTP server on the FW, and all of it is accessible just like that.
Did I get this wrong?
Or is the FW misbehaving?

Thanks a lot,
regards

Matthias

My IPFire

walter · 21 January 2021 11:34

Hi, on green source and destination green, your network is blocked. To default all incoming connection are blocked. If you allow a network client to automatic DHCP, all client receive the DNS specify in DHCP configuration.

matthaesius · 21 January 2021 13:17

Hi Walter,

thanks a lot for you response

To default all incoming connection are blocked.

That would mean it’s an error

If you allow a network client to automatic DHCP, all client receive the DNS specify in DHCP configuration.

That should not work than as well…
and the Webserver on it too

That cannot be, because I don’t see a possibility to un/block incoming, only Forward and Outgoing:

Any other hint?
Or an explanatory wiki article?

Regards
Matthias