Re: iptables firewall help

To: Matthew Garman <garman@uiuc.edu>
Cc: "Debian User's List" <debian-user@lists.debian.org>
Subject: Re: iptables firewall help
From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>
Date: Wed, 27 Jun 2001 09:57:57 +0200 (METDST)
Message-id: <[🔎] Pine.HPP.3.95.1010627095442.17432A-100000@elektron.its.tudelft.nl>
In-reply-to: <[🔎] 20010626222539.A2984@uiuc.edu>

Hello,

a couple of weeks I found this link on debian-firewall:
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/adsl4linux/ADSL4Linux/ADS
L4Linux/templates/firewall.iptables.devel?rev=HEAD&content-type=text/vnd
.viewcvs-markup

It is a pretty good script. You have to set y or n for a list of services
you want to run. The rest of the script is very readable and the firewall
is pretty robuust. It is originally desinged for a Dutch ADSL line, but it
can easily be adapted to every kind of interface. And it handles dynamic
ip's. Put the script in /etc/ppp/ip-up.d (not sure about this), this
should start the script when dailed in.

Greetz,
Sebastiaan


On Tue, 26 Jun 2001, Matthew Garman wrote:

> 
> I would like to upgrade my kernel from 2.2 to 2.4.  The main thing that
> concerns me is building a new iptables-based firewall (as opposed to
> ipchains).
> 
> I was using the TrinityOS firewall for ipchains.  I read through it,
> somewhat, but basically accepted its security on blind faith.
> 
> I figure that with the switch to 2.4 and iptables, now would be a good
> time to really learn how to write a good firewall script.
> 
> So for starters, I'd like to have a good, secure, well-commented iptables
> firewall script that I could use and learn from.  Then I'd like to see
> some online documentation on firewall considerations.
> 
> For the summer, I want a firewall that works with dynamic IP addresses so
> my dad and I can share a modem (standard, ultra-slow serial analog modem),
> running no services.
> 
> Then, when I go back to school, I'll want to change the script so I can
> share a cablemodem with my roommates.  I'll also run a couple basic
> services at that time, such as a mailer, an SSH daemon, and probably
> Apache.
> 
> If anyone can point me in the right direction to get started, I would be
> very appreciative :)
> 
> Thanks!
> Matt
> 
> -- 
> Matt Garman, garman@uiuc.edu
> "I'll tip my hat to the new constitution, Take a bow for the new revolution
>  Smile and grin at the change all around, Pick up my guitar and play
>  Just like yesterday, Then I'll get on my knees and pray..."
>             -- Pete Townshend/The Who, "Won't Get Fooled Again"
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

References:
- iptables firewall help
  - From: Matthew Garman <garman@uiuc.edu>

Prev by Date: Re: mounting qnx filesystems
Next by Date: Re: CR characters in d/l'ed text files
Previous by thread: Re: iptables firewall help
Next by thread: grub booting message
Index(es):
- Date
- Thread