Re: Firewalling a single machine
A long time ago, in a galaxy far, far way, someone said...
> I'm running Potato with a 2.2.14 kernel.
>
> Is it possible to use Ipchains to firewall a single machine?
Yes.
> The various documents on Ipchains which I have read (and can't
> understand anyway) seem to assume that the firewall will be on its own
> machine and talks in terms of two network cards.
Once you get down to it, there is very little difference between a system
with 1 NIC and one with 4 NICs - you're still filtering connections..
> I have a small network (3 machines) at home and I have a modem in one
> machine which is the only machine that will access the internet. The
> other machines will not be accessing the internet in any way.
> Can I setup Ipchains on the single machine to act as a firewall. I
> think that what I need is a packet filter.
As long as no other machines are going to use the internet connection,
that sounds right.
> As far as firewalls/Ipchains goes I am a complete idiot beginner ( I can produce
> certificates ) so _please_ keep the hints simple.
>
> I have tried Mason and that seems to create rules that incorporate my IP address
> which may change each time I log on via my ISP. So I can't see how that will
> work.
>
> I have compiled the various appropriate options into the kernel. I could, at
> least, understand that much.
>
> I want to make my machine secure from outside interference when I'm on the
> internet.
PMFirewall is a set of perl scripts that will give you a good beginning on
what is generally believed to be a secure firewall. It should do what you
want.
The homepage is http://www.pointman.org/
If that doesn't work very well for you, I (or someone else) can give you
help with creating your firewall rules.
--
----------------------------------------------------------------------
Phil Brutsche pbrutsch@creighton.edu
"There are two things that are infinite; Human stupidity and the
universe. And I'm not sure about the universe." - Albert Einstien
Reply to: