Re: Iptables firewall

To: debian-firewall@lists.debian.org
Subject: Re: Iptables firewall
From: Daniel Pittman <daniel@rimspace.net>
Date: Mon, 19 Jul 2004 10:14:00 +1000
Message-id: <[🔎] 87ekn8j1kn.fsf@enki.rimspace.net>
References: <[🔎] 40FABD9B.80106@verizon.net>

On 19 Jul 2004, Sykotic wrote:
> Does anyone know where I could find like a tutorial or reference for
> using IPTables to build a firewall for just 1 pc? All the documents I've
> found mainly covered the use of IPTables for routing on a gateway
> machine...and really just glossed over the firewalling aspect.

Well, most people build their security as "crunchy on the outside,
squishy in the middle" -- they only put a firewall on the outside.

That said, there really isn't a great deal of difference between
firewalling a single machine and firewalling a network on a router.

Packets destined to the local machine come through the 'INPUT' chain,
rather than the 'FORWARD' chain, but are otherwise identical.

Personally, I use the 'filehol' script, available as part of testing and
unstable, or at <http://firehol.sf.net/>, which is a nice wrapper over
iptables.

It also has a "wizard" that will generate a template rule file that
allows access to the services that are already running. That can be a
nice head-start on getting things working.

     Daniel
-- 
Sometimes a scream is better than a thesis.
        -- Ralph Waldo Emerson

Reply to:

Follow-Ups:
- Re: Iptables firewall
  - From: jmm19@humboldt.edu

References:
- Iptables firewall
  - From: Sykotic <sykoticchaos@verizon.net>

Prev by Date: Re: Iptables firewall
Next by Date: Re: Iptables firewall
Previous by thread: Re: Iptables firewall
Next by thread: Re: Iptables firewall
Index(es):
- Date
- Thread