On Mon, 2004-01-26 at 10:11, Brian Schmidt wrote: > I'm trying to set up a proper firewall, and have a decent one set up so > far.. > A few things I'm missing though are the ability to allow/deny ipranges, > so I have been looking around a bit, and saw that there was a module > called iprange. > How do I install this with debian? Doesn't seem like there is an option > to enable it when building a kernel, nor any deb package with it, and to > be honest I'm quite a linux illiterate when it comes to patching > something like iptables :( > > Another thing with iptables I have been thinking of letting my firewall > do, is to give a proper reply to connections on closed ports, rather > than just dropping the connection. > Reason for this is that I run a few services for LAN only that I cannot > simply bind to the LAN side. Also when people know my host is up and > tries to connect to a specific port, rather than having to time out > their client would just get the standard (its even in som RC if I > remember correct) "closed" reply. > > Hope someone is able to help on this one.. A quick overview of the relevant Debian packages: fwbuilder 1.1.1-0.1 Firewall administration tool GUI fwbuilder-ipf 1.1.1-0.1 FreeBSD 4.4 ipf policy compiler fwbuilder-ipt 1.1.1-0.1 Linux iptables policy compiler fwbuilder-pf 1.1.1-0.1 OpenBSD pf policy compiler libfwbuilder5 1.0.2-0.1 Firewall Builder API library iptables 1.2.9-3 IP packet filter administration tools kernel-image 2.4.24-1 Linux Kernel Image FWBuilder == Very Nice, excellent, extended, workable Firewall Script builder. Nice feature set, Nice wizard (that mostly works) gives yyou something to start with... I'd be hard pressed to recommend anything else. -- greg@gregfolkert.net REMEMBER ED CURRY! http://www.iwethey.org/ed_curry
Attachment:
signature.asc
Description: This is a digitally signed message part