
Re: Portsentry tcpd and iptables question



Patrick Kirk(patrick@kirks.net) is reported to have said:
> Comments please - it seems to work but there may be obvious gotchas I need
> to be aware of.
> Thanks.
> 
> #!/bin/sh
> 
> #Be secure, ish
> PATH=/sbin:$PATH; export PATH
> 
> modprobe ip_conntrack
> modprobe ip_conntrack_ftp
> modprobe iptable_nat
> 
> hostname=enterprise
> any="0.0.0.0/0.0.0.0"
> 
> #Flush things
> iptables -F
> iptables -F -t nat
> iptables -F -t mangle
> iptables -X

At this point I set up the default policies.

# Default policies for packets addressed to or from this firewall
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P INPUT DROP

HTH

Wayne

-- 
The definition of an upgrade: Take old bugs out, put new ones in.