[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Recommended firewall package?

On Mon, 2004-11-01 at 07:45 -0800, Potato Chip wrote:
> Is there a recommended firewall package? There seem to be several
> available, but was curious if there was a debian recommended one.
> I currently have a hand-crafted script calling iptables directly.
> Logging is only provided by iptable's -j LOG parameter, which is less
> than ideal.

You could take a look at 'fwbuilder' if you like a graphical GUI
(much like a tiny version of the CheckPoint firewall GUI).

Probably your hand-crafted iptable script is fine. Unless you need
to secure large networks and just have up to 100 rules that should
be enough.

The iptable's "-j LOG" target is the common way to do it. Just create
a logging chain and use that as a target. Example:

# create a "log+drop" chain
$IPT -N logdrop
$IPT -A logdrop -j LOG --log-level info --log-prefix "drop-in: "
$IPT -A logdrop -j DROP

# log+drop incoming port 445 traffic
$IPT -A INPUT -i eth1 --dport 445 -j logdrop


Dipl.-Inform Christoph Haas
OTTO GmbH & Co. KG / Wandsbeker Straße 3-7 / 22172 Hamburg
Department IT-KS-SN (Server & Networks)
Phone (040) 6461-6018 / Fax (040) 6464-6018
Warning: This email was transmitted by electrically charged particles
moving at velocities in excess of five hundred million miles per hour.

Reply to: