RE: setting up iptables
Hi
try this http://www.shorewall.net/ lot of documentation , included some samples for 1,2,3 interfaces and of courese Debian packages.
Tomas Novotny
Internet systems manager
Bratislava, Slovakia
-----Original Message-----
From: Costas Magkos [mailto:kmag@lab.epmhs.gr]
Sent: Thursday, March 04, 2004 4:15 PM
To: Debian Security
Subject: setting up iptables
Hi all,
Can someone give me some best-practices for setting up iptables on a
Debian system? I'm looking for things like where should the rules be
placed, what startup script to use [1], good configuration tools [2] and
so on. URLs are appreciated, I dont mind reading :-)
I'm currently setting up iptables on a single-server enviroment (no
routing), but since I will be using iptables a lot, general concepts are
also welcome.
--
[1] When looking around how to set up iptables, I found in
/etc/default/iptables some discouraging words (apparently from the
author) about the usage of the iptables init.d script, which can be
summarized to this: "Do not use it". Why not? And if not, is there any
other way?
[2] I tried firestarter, seems nice. However, it produces a large
ruleset with tones of redundant rules and /proc optimizations (for
instance, the anti-spoof filtering is activated by default). It involves
too much editing, which I have no problem doing it if someone tells me
it's worth it.
Thanks in advance,
~kmag
Costas Magkos
Internet Systematics Lab
Athens, Greece
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: