Web Hosting Talk







View Full Version : Firewall Rules


CretaForce
08-26-2004, 02:08 PM
Hello,

About 1 year ago I wrote a firewall for the company I am working at. The firewall is designed to:

- log port scans (FIN, XMAS Tree, FIN/SYN, NULL)
- block ICMP to all IPs except the main IP, which is pingable for monitoring reasons
- allow only connections to selected ports and protocols

For example, a user cannot telnet to port 50000 on a remote host, and only root has full access.

- there are many more features we can discuss on MSN or by e-mail

Also, you can create a block list in /root/block.ips to block all IPs that you don't want to access any service. You can use that to block DDoS attacks on Apache or on another service.

I have been using these rules on 2 servers (IRC server and Webhosting server) with success for 1 year.

I can install them on your system for $50. It's very easy to modify the script as it has comments. There are about 550 lines of iptables rules. If anyone needs any changes I can do them for $10/hour, but as I said it is really very easy to make changes on your own.

If you have questions, please reply to this post or add me to your MSN. My MSN is support@cretaforce.net.

Thank you,
CretaForce

CretaForce
08-27-2004, 02:06 AM
I forgot to mention that I wrote some scripts to find and block botnets on your clients' IRCDs. They need the firewall rules to work. $10 extra for that. If you are a Shell Provider you need these scripts, as all the datacenters I know don't allow botnets running on their IPs.