Re: How to work with my iptables script

To: debian-firewall@lists.debian.org
Subject: Re: How to work with my iptables script
From: Daniel Pittman <daniel@rimspace.net>
Date: Wed, 25 Aug 2004 17:48:54 +1000
Message-id: <[🔎] 87zn4jd5eh.fsf@enki.rimspace.net>
References: <[🔎] 412C2C07.4020806@list.idg.dk>

On 25 Aug 2004, Jacob Friis Larsen wrote:
> By the help of http://iptables-script.dk/ I have created the script below.
>
> Is this the correct way to work with it:
> - Store it in /root as myiptables
> - Make it executable
> - Run /root/myiptables
> - Run /etc/init.d/iptables save active
>
> And does it look ok?

It looks reasonably secure, for a small server, and your set of steps
look reasonable.

You could increase security by limiting traffic to exclude forged or
invalid packets, and limit outbound traffic appropriately.

Logging would probably also be useful.

You may find that using a higher level tool, of which there are a wide
range in Debian, would make it easier to achieve this goal.

Regards,
        Daniel
-- 
People of privilege will always risk their complete destruction
rather than surrender any material part of their advantage.
        -- John Kenneth Galbraith, _The Age of Uncertainty_, 1977

Reply to:

Follow-Ups:
- Re: How to work with my iptables script
  - From: Jacob Friis Larsen <jfl@list.idg.dk>

References:
- How to work with my iptables script
  - From: Jacob Friis Larsen <jfl@list.idg.dk>

Prev by Date: How to work with my iptables script
Next by Date: Re: How to work with my iptables script
Previous by thread: How to work with my iptables script
Next by thread: Re: How to work with my iptables script
Index(es):
- Date
- Thread