Re: firewall advice

To: debian-security@lists.debian.org
Subject: Re: firewall advice
From: Jeffrey Taylor <jeff.taylor@ieee.org>
Date: Mon, 16 Dec 2002 12:14:58 -0600
Message-id: <20021216181458.GA10128@pogo.bearhouse.lan>
In-reply-to: <20021216132952.GC28439@johann>
References: <20021216031525.GB18036@torrin.dyndns.org> <20021216132952.GC28439@johann>

I am using the v1 scripts on Debian 3.0r0.  IIRC, I had to change one
directory in the INSTALL script.  SuSE puts the symlinks in
/etc/init.d/rcX.d and Debian puts them in /etc/rcX.d/.  Edit the
script before running it.  I like it because it works at the policy
level of Internet, DMZ, and internal zones, services, trusted
networks, etc.  Plus rules to block attacks the author is knowledgable
about that few of us know about (e.g., ICMP).  And does not require X.
All other tools I tried were just GUI interfaces to add individual
rules to IPchains/IPtables.  The result is no better than my
knowledge.  The SuSEfirewall scripts are "expert in a script".

The URL is http://www.suse.com/~marc/SuSE.html.

HTH,
  Jeffrey

Quoting Lars Ellenberg <l.g.e@web.de>:
> On Sun, Dec 15, 2002 at 07:15:25PM -0800, Torrin wrote:
> 
> >  I'll also add connection tracking in my iptables script.  Is
> > there anything I can do in my ipchains script?
> 
> did you ever look at the SuSEfirewall{,2} scripts by marc heuse?
> GPL, will work with any distro, maybe small changes where to find the config
> files etc.
> v2 is for iptables, v1 for ipchains.
> for a "simple bash script" quite cool. concept and all.
> commented config file. good faq by togan somwhere in the suse faq on sf.net.
> 
> sorry, no url, but you'll find it for sure on the suse site and elsewhere.
> 
> 	Lars

Reply to:

References:
- firewall advice
  - From: Torrin <torrin@torrin.dyndns.org>
- Re: firewall advice
  - From: Lars Ellenberg <l.g.e@web.de>

Prev by Date: Re: firewall advice
Next by Date: SSH
Previous by thread: Re: firewall advice
Next by thread: Re: firewall advice
Index(es):
- Date
- Thread