Re: Question About ipmasq - Thanks
Thanks, I'm going to try this approach.
-Tom
On Wed, Apr 30, 2003 at 08:28:45AM -0700, Paul wrote:
> How about first setting up your firewall rules to a
> pretty basic form.
>
> ie
>
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
>
> That will make it default not allow any connections at
> all, then just set the specific port/destination that
> you want the box to allow while you are getting ipmasq
> and the other services you feel you need, then plug in
> the rj45 and update your box.
>
> -paul
>
> --- "Thomas H. George,,,"
> <georgeacct@spininternet.com> wrote:
> > I am in the process of setting up a computer to
> > serve as a firewall
> > between my network and the internet. Thus far I
> > have assembled a system
> > with two ethernet cards, installed Woody from a CD
> > set purchased a year
> > ago and built a 2.4.18 kernel according to the
> > instructions in the
> > latest release of the IP-Masquerading-HOWTO. At
> > this point the system
> > is a stand alone computer that has never seen the
> > internet.
> >
> > Question: How to do security updates and install
> > ipmasq-3.5.10 without
> > any chance of contaminating the firewall system.
> > Can I use apt-get
> > install ipmasq on this computer with a 2.4.20 kernel
> > and an uptodate
> > testing distribution, edit the scripts and transfer
> > them to the future
> > firewall via a cd or is thare a way to configure the
> > firewall computer
> > so it can listen to nothing but a debian mirror and
> > then connect it to
> > the internet to download the updates and packages
> > needed?
> >
> > Tom George
> >
> >
> > --
> > To UNSUBSCRIBE, email to
> > debian-user-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> >
>
>
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: