Re: what is the default firewall on a fresh install of Debian7 arm on a pogop0lugE02
Hi Richard, all.
What you should probably know about Debian, philosophically, is that
Debian's default is very small, no gui, no unnecessary daemons, such
that it is suitable for installation on very small and even embedded
systems. Thus there's very little for an iptables firewall to
protect. Debian daemons typically have to be reconfigured to be
accessible from outside- often they bind only to localhost without
user intervention. Indeed it can be argued that if you keep the
services that bind to your external interface minimal and safe that a
"firewall" doesn't even do much for you if it's not a gateway.
But you can certainly set up iptables to taste, anything from a
handful of "up" iptables entries in /etc/network/interfaces to huge
automagical GUI things with lots of complicated knobs and
checkboxes.in apt-get. Certainly there are things like rate-limiting
and packet prioritization for which iptables is good and "firewall"
tools can help set it up for you.
I concur that debian-user would have been a better forum for this topic.
Tony
On Wed, Apr 24, 2013 at 12:50 PM, Andrew M.A. Cater
<amacater@galactic.demon.co.uk> wrote:
> On Wed, Apr 24, 2013 at 07:45:49PM +0100, Richard Bown wrote:
>> >
>>
>> I installed ufw to see if it would overide the system defaults.
>> I'll unsubscribe this list as everything I ask is deemed off topic.
>> I get the impression this list is only for developers and users of the latest ARM and Cortex
>> devices.
>> I was grossly mistaken to suspect that running Debian on an ARM5TE was supported by the debian-arm
>> list.
>>
>
> No, it's not that everything ARM is off topic. It is, effectively, that you asked
> a non-ARM related question on a more general topic. Firewalls - probably more appropriate
> for debian-user.
>
> >From what I see below, you're probably more used to Fedora. Debian doesn't install a firewall
> manager by default, though a minimal iptables is there available to use from the outset.
>
> iptables -L
>
> would show you - nornally all input/output/forwarding chains are set to accept by default
> ie no rules are set, if I remember correctly.
>
> It's also probably true that, just as some Fedora users are concerned with the release
> of Fedora 19 Alpha today, we're slightly preoccupied by the main Debian release which
> is coming up on May 5th ... sorry for any brevity.
>
>
> Al the best,
>
> Andy, G0EVX (ex G8UBG)
>
> amacater@debian.org
>
>> --
>> --
>> Best wishes / 73
>> Richard Bown
>>
>> Email : richard@g8jvm.info
>> HTTP :http://www.g8jvm.info
>> nil carborundum a illegitemis
>> ##################################################################################
>> Ham Call G8JVM . OS Fedora FC18 x86_64 on a Dell Inspiron N5030 laptop
>> Maidenhead QRA: IO82SP38, LAT. 52 39.720' N LONG. 2 28.171 W ( degs+mins )
>> QRV VHF 6mtrs 200W, 4 mtrs 150W, 2mtrs 350W, 70cms 200W
>> Microwave 23 cms 140W, 13 cms 100W, 6 cms 0W & 3cms 5W
>> ##################################################################################
>> Please do not use the e-mail address of richard@g8jvm.com
>> Mail hosted by 1and1, Domain screwed up by 1and1 and Freeparking
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-arm-REQUEST@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>> Archive: [🔎] 20130424194549.2cf500e6@g8jvm.info">http://lists.debian.org/[🔎] 20130424194549.2cf500e6@g8jvm.info
>
>
> --
> To UNSUBSCRIBE, email to debian-arm-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20130424195003.GA4579@galactic.demon.co.uk">http://lists.debian.org/[🔎] 20130424195003.GA4579@galactic.demon.co.uk
>
--
Best Regards.
This is unedited.
Reply to: