Re: firewall setup - firewall newbie

Douglas Maxwell wrote:
>> I'm going to set this box up as a caching DNS server for the
>> machines inside of it.  After that do I work NAT (ipmasq?) or FW
>> (ipchains?) ?
> You may not need either, if it is just an internal, caching DNS. The
> DNS application config will take care of forwarding DNS queries
> appropriately. Does it need to be accessible by hosts on the Internet?
> Is it even forwarding traffic at all? If it is forwarding traffic,
> does it need to do any NAT?
> If you do need a firewall, I would use iptables...although this
> presumes you are on at least kernel 2.4. If you are on 2.2, you are
> stuck with ipchains. Iptables is worth the upgrade ;-)
> If you don't have experience with iptables, see
> http://iptables-tutorial.frozentux.net/. I also have some stuff up on
> iptables and fwbuilder at my site, http://www.turinglabs.com.
> Doug

Shorewall is also quite handy and easy to set plus it has good

