Tips on firewall rule configuration

[9iron]

Hi. I inherited a Sonicwall Pro 2040 here at work, and I guess I just have a couple of questions about some of the rules that were put on this thing, so that I may gain a better knowledge of firewall configuration. Here's some:

Source (WAN 68.1.17.4)
Destination (LAN)
Service (SMTP)
Action (Deny)

This one pretty much says to block any email sent from 68.1.17.4 to anyone on my LAN, right? Easy enough. Probably a known offender being blocked. I get it. One that I don't quite get is:

Source (WAN 216.73.87.20)
Destination (LAN)
Service (HTTP)
Action (Deny)

I don't have any web servers here, so this one puzzles me. Wouldn't I be better off just blocking all inbound HTTP traffic, since I don't have any web servers? Or would that rule stop all my office Internet access? (I wouldn't think so, since my LAN machines are the ones initiating the request)

Thanks.

 

[technome]

The rule is to block an external website, Doubleclick
216.73.87.20

http://tools.whois.net/index.php?fuseaction=whois.whoisbyipresults

If you block incoming http, you cripple Internet access.

Before you start to play wih the unit, backup up the configuration. NEVER make a change unless you sure of the results; you do not want a hacker to enter your network eg. with a play server, I relaxed an FTP site's security..within 20 seconds a hacker was in.

........................................
Chernobyl disaster..a must see pictorial

http://www.kiddofspeed.com/default.htm