Re: firewall newbie questions
On Saturday 10 April 2004 14.20, Jonas Meurer wrote:
> Yeah, I know that. But as long as the DNS server only holds domains
> that are local to the server it's not that bad, and I'll surely
> add another secondary nameserver as soon as possible, but since we
> are a small company, and this is our first own server, it's not
> that easy to find another one.
Me too. But at dyndns.org they host for me a
  secondary DNS for 15$ / year
  secondary mailserver for 30$ / year
and believe me: it's worth it. My ADSL was broken, I had hassle with my
provider, with Swisscom, but finally it was my modem cable. Not
one email was lost.
> Since the package you recommended, 'firehol', has a note in its
> description saying: "The default configuration file will allow
> only client traffic on PPP and ethernet interfaces.", I'm a
> little bit confused about whether to install the package.
This is the right way. Close all, log all, open what you need. If you
don't like scripting your iptables, have a look at
http://www.m0n0.ch/wall/
http://www.ipcop.org/cgi-bin/twiki/view/IPCop/WebHome
If you want to write your own script, start at
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
http://www.netfilter.org/documentation/
Regards
Jürg
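
The "close all, log all, open what you need" approach from the reply above, as an added example that is not part of the original message: a shell function that prints a default-deny ruleset in iptables-restore format for review before loading. The function name gen_ruleset, the service list, the log prefix and the log rate limit are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit a default-deny ruleset in iptables-restore format.
# Nothing is applied here; review the output, then load it as root with
#   gen_ruleset "tcp/22 tcp/25 tcp/53 udp/53" | iptables-restore

gen_ruleset() {
    # $1: space-separated proto/port entries to open (assumed services)
    services=$1
    rules=""
    for svc in $services; do
        proto=${svc%%/*}
        port=${svc##*/}
        # Refuse anything that is not exactly tcp/<port> or udp/<port>,
        # so a typo cannot silently open more than intended.
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol in '$svc'" >&2; return 1 ;;
        esac
        case $port in
            ''|*[!0-9]*) echo "bad port in '$svc'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$svc'" >&2; return 1
        fi
        rules="${rules}-A INPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT
"
    done
    # Close all: INPUT and FORWARD default to DROP.
    # Open what you need: loopback, replies to our own traffic, listed services.
    # Log all: whatever reaches the end of INPUT is logged (rate-limited so a
    # flood cannot fill the disk) and then dropped by the chain policy.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
${rules}-A INPUT -m limit --limit 5/min -j LOG --log-prefix "fw-drop: "
COMMIT
EOF
}
```

Keep a console session open while loading a new ruleset on a remote server, since a missing SSH entry in the service list locks out new connections.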