Re: Firewalling a single machine

A long time ago, in a galaxy far, far away, someone said...

> I'm running Potato with a 2.2.14 kernel.
> Is it possible to use Ipchains to firewall a single machine?


> The various documents on Ipchains which I have read (and can't
> understand anyway) seem to assume that the firewall will be on its own
> machine and talks in terms of two network cards.

Once you get down to it, there is very little difference between a system
with 1 NIC and one with 4 NICs - you're still filtering connections.

> I have a small network (3 machines) at home and I have a modem in one
> machine which is the only machine that will access the internet.  The
> other machines will not be accessing the internet in any way.

> Can I set up Ipchains on the single machine to act as a firewall?  I
> think that what I need is a packet filter.

As long as no other machines are going to use the internet connection,
that sounds right.

> As far as firewalls/Ipchains goes I am a complete idiot beginner (I can produce
> certificates) so _please_ keep the hints simple.
> I have tried Mason and that seems to create rules that incorporate my IP address
> which may change each time I log on via my ISP. So I can't see how that will
> work.
> I have compiled the various appropriate options into the kernel.  I could, at
> least, understand that much.
> I want to make my machine secure from outside interference when I'm on the
> internet.

PMFirewall is a set of perl scripts that will give you a good beginning on
what is generally believed to be a secure firewall.  It should do what you

The homepage is http://www.pointman.org/

If that doesn't work very well for you, I (or someone else) can give you
help with creating your firewall rules.

Phil Brutsche					pbrutsch@creighton.edu

"There are two things that are infinite; Human stupidity and the
universe. And I'm not sure about the universe." - Albert Einstein

