was Re: Firewalls now:Ipfwadm question
On Wed, 18 Jun 1997, Philippe Troin wrote:
> On Wed, 18 Jun 1997 10:55:41 EST JIM_BURT_at_nass-fx@nass.usda.gov
> wrote:
> > One wants a firewall to
> > 1. not require logging into the firewall computer itself (TIS requires
............
> I have an `industrial' firewall working out there, fully in the kernel (with ipfwadm). It masquerades all outbound connections (currently all, but you can choose which ports to forward and/or allow outbound connections), and refuses all outside connections except for mail, DNS and http. It also checks for spoofing (correct addresses on correct interfaces).
> >From the user, the only constraint is that he has to use passive ftp. Everything else is completely transparent.
>
> Ipfwadm is hard to figure out at the first glance, but it's really powerful.
>
> Phil.
>
Sorry to jump in with a basic Ipfwadm question, but it seems appropriate.
I was wondering if someone might tell me the best place to put ipfwadm
commands into my boot procedure.
I have a linux box, with two ethernet cards(cable modem/local net), it
serves as a masquerading, forwarding, ect, for a dual boot
machine(debian/win95).
The documentation available was great, and everything works fine despite
old cheap nic cards dug out of a box for ten bucks, and my lack of
experience. :-)
Only thing I haven't automated is the typing in of my basic ipfwadm
commands. Can I just throw them at the end of my /etc/init.d/network?
Is there a better place?
Thanks.
Rich M
richm@rogers.wave.ca
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: