Re: firewall for a client
I'm disagree with you... and here is a quote from the iptables
documentation section at netfilter.org:
http://netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-1.html
That's all folk! :)
On Mon, 2004-12-06 at 08:10 +0100, Ansgar -59cobalt- Wiechers wrote:
> On 2004-12-06 Víctor A. Ramos wrote:
> > I write this e-mail, because I'd like to build a firewall on my Debian
> > system, using iptables.
> > My computer is a Internet client, and doesn't offer any service or
> > server to the Internet(no ssh, no smtp... anything),
>
> Then what do you need iptables for?
>
> > so the 'policy' should be: reject all input connections
>
> That's already done by your system's IP stack.
>
> > and external pings....
>
> That doesn't make sense.
>
> > and allow all connections from my PC to Internet.
>
> That's done by your system's IP stack as well.
>
> > I've looking and studying a lot of manuals and how-to's but all of
> > them are destinate to a Debian system working as a router for a LAN
> > :-/
>
> That's because it usually doesn't make sense to do packet filtering on a
> host that doesn't have any services bound to external interfaces.
>
> You simply don't need to do any packet filtering at all.
>
> Regards
> Ansgar Wiechers
> --
> "Those who would give up liberty for a little temporary safety
> deserve neither liberty nor safety, and will lose both."
> --Benjamin Franklin
>
>
--
Víctor A. Ramos <itchysoft_AT_yahoo_DOT_es>
(o_ Debian GNU/Linux .'''`.
//\ Registered User : :' :
V_/_ #315167 `. `'
`
Jabber ID <vramos_AT_jabber_DOT_org>
Reply to: