Home Automation Domotica Forum Europe, Bwired Forum

Hi,

Can't find the possibility to configure the firewall. Many pages on the internet mention the packet inspection firewall within Fritz!Box, but i can't find the page to config this.

Does anybody have a clue? My ext. ip is reported on a spamlist, because one of the clients has software running that is in use by a botnetwork. Don't know which one. I've to trust the spamlist that this is true.

It would be nice to have a kind of sniffer on the box or logging, but its better if i could config the box to only accept specific connection to the internet from specific hosts. (like from ANY TCP port from Host mailserver to 25 TCP)

No clue; mine is in "exposed host" mode, redirecting everything to a more flexible firewall/traffic monitoring/IDS etc. etc. virtual appliance. If you have VMWare or Hyper-V that could be an option.

I know, but that is something i just stopped using. I had used my HS server also as router and firewall. Bought the Fritzbox to use the HS server as HS server and not router/firewall. Nice device Fritz!Box and the features, but a functionality of a router is missing? weird.

Right, that is weird.
I was thinking about setting up the new Fritzbox (dect etc) as well for Bwired.
But I need a very good firewall like my Draytek Vigor has. I have already a whole bunch of IP nrs in my IP block list.

<hr noshade size="1"><font size="1">Pieter Knuvers
http://www.bwired.nl <i>Online House in the netherlands. Domotica, Home Automation.</i></font id="size1">

Are you sure only your public ip adress is blocked, and it's not part of a ISP address block thats blocked? There is no way to solve this and get it unlisted if it does.

i had the same question. After some search i found out that "avm box has the best firewall from all routers" not sure about the value of the reviews.

exactly edwin. I read that too yesterday. How the * do i configure it instead it acts on it own.

@rdnzl, the list only specify single ip's. I'd come to the conclusion that NDR's generated by own mail server can cause this (to be on the list). I did disable the NDR function within Exchange 2007 and did an unlist. Hopefully that solved it.

But the firewall question still remains. have to contact AVM for this i guess.

I had that once to (at work), being blacklisted by to many NDR's...

I'm on the list again. Now i have to check every pc/laptop, because the Fritz!Box doesn't have the option (i cant find) to list all computers that are connecting to port 25 from inside to outside. grrr

Check for some software you can (temp) run to log all traffic and see what is going on.

<hr noshade size="1"><font size="1">Pieter Knuvers
http://www.bwired.nl <i>Online House in the netherlands. Domotica, Home Automation.</i></font id="size1">

Or capture all traffic on 1 pc, apply filter on port and see which pc pops up...?

<hr noshade size="1"><font size="1">Robert
http://www.hekkers.net <i>Digit's Online Home.</i></font id="size1">

[:p] my caps lock was on

<hr noshade size="1"><font size="1">Robert
http://www.hekkers.net <i>Digit's Online Home.</i></font id="size1">

You can edit the fw rules very detailed from the telnet command prompt, and there is even a build-in network capture function in Fritzbox itself, the data you capture can be loaded in Wireshark.

Look here for examples:
http://www.daveboonstra.nl/tipstrucs/fr ... ex-nl.html

Regards,
Ron.

Thanks Ron!!! Finally

I had found the pc quickly enough. Now i have to clean it.

Ok, nice.

Here is some more info about FritzBox's firewall. (German language ahead)[8D]

http://www.realriot.de/tag/netz/

But be careful, if you apply typing or syntax errors the configuration of your box could be completely reset by the firmware. Make backups!