[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: need iptables firewall



James B. Wilkinson wrote:

What I'm trying to do is build a stateful firewall using iptables. The machine I want to put it on has 16 meg, and RedHat won't install in that, but Debian will.

Of course, Red Hat is bloated!!! Keep in mind though, using statefull inspection requires memory.

My first thought was to use woody, since I read somewhere that it uses the 2.4 kernel, and I read somewhere else that I need that one for iptables. I installed it, and it turned out to have the 2.2.19 kernel, so I didn't gain anything. I'm now thinking that I should just go back and install potato, since it looks like I'm going to have to figure out how to replace the kernel in any case.

Run Patato and grab the 2.4 kernel packages for Patato off of Adrian Bunk's site:

http://www.fs.tum.de/~bunk/kernel-24.html

Could somebody point me to where I should start reading? It looks like I need to know how to replace a kernel and how to set up and configure iptables. I didn't get many hits when I did a search for "iptables" on the Debian website.

http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html

The Linux kernel HOW-TO

http://www.linuxguruz.org/iptables/

Tones of example scripts and many links on iptables as well.

http://www.cs.princeton.edu/~jns/security/iptables/iptables_conntrack.html

Another excellent site that explains the inner workings of connection tracking, also has a link to a great statefull firewall example :-D

http://www2.linuxjournal.com/cgi-bin/frames.pl/index.html

A document at LinuxJournal on Netfilter

http://joker.rhwd.de/doc/Securing-Debian-HOWTO/Securing-Debian-HOWTO.html

Securing Debian HOW-TO

www.debianplanet.net
www.debianhelp.org

Debian community sites.


Enjoy!!

Stef





Reply to: