Re: Could you give an example iptables script? (Help... I want to learn this stuff)

To: Debian List <debian-user@lists.debian.org>
Subject: Re: Could you give an example iptables script? (Help... I want to learn this stuff)
From: Anthony Campbell <ac@acampbell.org.uk>
Date: Wed, 24 Dec 2003 10:33:27 +0000
Message-id: <[🔎] 20031224103327.GB3327@acampbell.org.uk>
Mail-followup-to: Debian List <debian-user@lists.debian.org>
In-reply-to: <[🔎] 3FE95711.9060600@planet.nl>
References: <[🔎] 3FE95711.9060600@planet.nl>

On 24 Dec 2003, Joris Huizer wrote:
> Hello everybody,
> 
> I'm planning to use iptables as it seems it's powerfull and it will let
> me choose really what is allowed and what is not (because of p2p stuff
> etc. which allways keeps complaining - and out of curiosity)
> 
> However, I never used iptables before and it looks like it's got some
> learning curve :-P I found a great tutorial at
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html ..
> I'm not going to try myself just like that as I'm afraid I might kill
> the internet connection like that, therefor I want to ask for some help.
> 
> These are the details:
> I am connecting to the net by dhcp, with an assigned (dynamic) IP
> address. I want to be able to...
> - surf the web
> - email (using smtp-server to send, pop-server to receive)
> - use ftp for uploads/downloads
> - use ssh, only outgoing, I don't need to access this computer by ssh
> - I sometimes use a chat prog called amsn
> Did I forget something basic ?
> 
> If the script allready covers those... great! Then I'll just install and
> read through the entire doc afterwards... otherwise, can you post the
> lines I have to add?
> 
> I hope someone is so kind to post an example. I can't yet read the dhcp
> script to the details of what is accepted and what not, so...
> 
> Thanks for any help!
> Merry Christmas :-)
> 
> Joris Huizer


I was in the same state as you recently, having just installed ADSL. If,
like me, you knew nothing about iptables to start with, I'd suggest
starting with one of the set-up apps (available in deb form). The best
two I've found are firestarter and shorewall. Firestarter is extremely
easy to set up, via a wizard; shorewall is also easy to set up if you go
to the website at http://www.shorewall.net for the guide. IMO this is
one of the best sites of its kind that I've seen.

Of the above two, I'd say go for shorewall, if only because it has a
useful guide to choosing which modules to enable in the kernel. It also
has a fairly active mailing list.

A.
-- 
ac@acampbell.org.uk    ||  http://www.acampbell.org.uk
using Linux GNU/Debian ||  for book reviews, electronic 
Windows-free zone      ||  books and skeptical articles

Reply to:

References:
- Could you give an example iptables script? (Help... I want to learn this stuff)
  - From: Joris Huizer <jorishuizer@planet.nl>

Prev by Date: Re: Netinst CD with recent kernel
Next by Date: Re: Defining a group of addresses, sending mail to all , mutt
Previous by thread: Could you give an example iptables script? (Help... I want to learn this stuff)
Next by thread: Re: Could you give an example iptables script? (Help... I want to learn this stuff)
Index(es):
- Date
- Thread