Re: successful server installation, iptables question
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 28 October 2002 12:01 pm, linux4bene@pandora.be wrote:
> Hi,
>
> i successfuly installed my new debian server instead of the suse 7.2 that
> was on it. It was a lot easier to install and i knew what i was doing or at
> least i thought i was :-)
> I have installed the ipmasq package to share my internet connection.
> All works ok. However, how does one customize the settings? For instance
> if you want to allow an ssh connection in?
There are two packages one is ipmasq and the other is iptables. They conflict
with each other. I think you need a linux 2.4 kernel to use iptables, ipmasq
can be used on 2.2 (and 2.4?).
They are very similar to each other - although I have always prefered iptables
because
a) It brings more options with it to check things like open sessions or
requests to start a session
b) The input and forward tables are completely separate (in ipmasq forwarded
stuff also traversed the input table making it very difficult to have one set
of rules for filtering into the gateway box and another for forwarding).
I have a custom iptables script to set up my firewall rules - I believe the
standard debian package does something itself, but I have not really looked
at that part.
My suggestion would be to remove ipmasq and install iptables (I use dselect to
do this sort of thing) and then both man iptables and look at
/usr/share/doc/iptables/html for a howto on NAT)
- --
Alan Chandler
alan@chandlerfamily.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE9vY2PuFHxcV2FFoIRAvXSAKCAqU67f9phrd5a4S3zZJDjDghoxACgjSIE
4ixhv9Maxc93KhfzbQNi0v0=
=kc9r
-----END PGP SIGNATURE-----
Reply to: