I read many posts on this forum and some of the documentation about zeroshell available on the homepage but I’m still not sure about the following question:
If I run zeroshell as firewall (ADSL-Router -> zeroshell -> LAN / WLAN) is it sufficient secure to leave the default policies on ACCEPT? Does zeroshell guarantee in the default-setup that no unwanted packets get into my LAN by dropping them if no virtual server is set up which forwards these?
If not and I have to change the default policies to DROP is there a guide or tutorial for this kind of setup which tells what rules to add to the chains to get internet access, mails etc. from the LAN running?
Well, because it’s the default? And the default-setup for a firewall-product should be a reasonable setting, isn’t it?
The consequences if using DROP on all chains is – if I understand that right – that I have to specify every single rule for packets passing the firewall for myself, or are there settings for the iptables “built in” zeroshell which handles most / some commonly used cases (as for the default-setup ACCEPT)???
I do not think so. Default ACCEPT means to allow all traffic and I would not leave it like this.
Not sure why it is done ACCEPT, maybe because it is not necessarily works as a firewall too. All those modules are options, but, if you want to use them, you have to start modifications.
This how I think about this, but I could be wrong.