[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

was Re: Firewalls now:Ipfwadm question

On Wed, 18 Jun 1997, Philippe Troin wrote:

> On Wed, 18 Jun 1997 10:55:41 EST JIM_BURT_at_nass-fx@nass.usda.gov 
> wrote:
> >      One wants a firewall to
> >      1. not require logging into the firewall computer itself (TIS requires 
> I have an `industrial' firewall working out there, fully in the kernel (with ipfwadm). It masquerades all outbound connections (currently all, but you can choose which ports to forward and/or allow outbound connections), and refuses all outside connections except for mail, DNS and http. It also checks for spoofing (correct addresses on correct interfaces).
> >From the user, the only constraint is that he has to use passive ftp. Everything else is completely transparent.
> Ipfwadm is hard to figure out at the first glance, but it's really powerful.
> Phil.

Sorry to jump in with a basic Ipfwadm question, but it seems appropriate.

I was wondering if someone might tell me the best place to put ipfwadm
commands into my boot procedure.

I have a linux box, with two ethernet cards(cable modem/local net), it
serves as a masquerading, forwarding, ect, for a dual boot

The documentation available was great, and everything works fine despite
old cheap nic cards dug out of a box for ten bucks, and my lack of
experience. :-)  

Only thing I haven't automated is the typing in of my basic ipfwadm
commands.  Can I just throw them at the end of my /etc/init.d/network?
Is there a better place?

Rich M

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: