Re: need iptables firewall
James B. Wilkinson wrote:
What I'm trying to do is build a stateful firewall using iptables. The
machine I want to put it on has 16 meg, and RedHat won't install in
that, but Debian will.
Of course, Red Hat is bloated!!! Keep in mind though, using statefull
inspection requires memory.
My first thought was to use woody, since I read somewhere that it uses
the 2.4 kernel, and I read somewhere else that I need that one for
iptables. I installed it, and it turned out to have the 2.2.19 kernel,
so I didn't gain anything. I'm now thinking that I should just go back
and install potato, since it looks like I'm going to have to figure
out how to replace the kernel in any case.
Run Patato and grab the 2.4 kernel packages for Patato off of Adrian
Bunk's site:
http://www.fs.tum.de/~bunk/kernel-24.html
Could somebody point me to where I should start reading? It looks like
I need to know how to replace a kernel and how to set up and configure
iptables. I didn't get many hits when I did a search for "iptables" on
the Debian website.
http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html
The Linux kernel HOW-TO
http://www.linuxguruz.org/iptables/
Tones of example scripts and many links on iptables as well.
http://www.cs.princeton.edu/~jns/security/iptables/iptables_conntrack.html
Another excellent site that explains the inner workings of connection
tracking, also has a link to a great statefull firewall example :-D
http://www2.linuxjournal.com/cgi-bin/frames.pl/index.html
A document at LinuxJournal on Netfilter
http://joker.rhwd.de/doc/Securing-Debian-HOWTO/Securing-Debian-HOWTO.html
Securing Debian HOW-TO
www.debianplanet.net
www.debianhelp.org
Debian community sites.
Enjoy!!
Stef
Reply to: