Re: firewall for a client
On 2004-12-06 Víctor A. Ramos wrote:
> I write this e-mail, because I'd like to build a firewall on my Debian
> system, using iptables.
> My computer is a Internet client, and doesn't offer any service or
> server to the Internet(no ssh, no smtp... anything),
Then what do you need iptables for?
> so the 'policy' should be: reject all input connections
That's already done by your system's IP stack.
> and external pings....
That doesn't make sense.
> and allow all connections from my PC to Internet.
That's done by your system's IP stack as well.
> I've looking and studying a lot of manuals and how-to's but all of
> them are destinate to a Debian system working as a router for a LAN
> :-/
That's because it usually doesn't make sense to do packet filtering on a
host that doesn't have any services bound to external interfaces.
You simply don't need to do any packet filtering at all.
Regards
Ansgar Wiechers
--
"Those who would give up liberty for a little temporary safety
deserve neither liberty nor safety, and will lose both."
--Benjamin Franklin
Reply to: