Re: Firewall packages (was: All these open ports)

To: debian-user@lists.debian.org
Subject: Re: Firewall packages (was: All these open ports)
From: Paul Gear <paul@gear.dyndns.org>
Date: Wed, 18 Aug 2004 22:23:22 +1000
Message-id: <[🔎] cfvhnr$179$1@sea.gmane.org>
In-reply-to: <[🔎] 1092773337.8874.202521717@webmail.messagingengine.com>
References: <[🔎] 1092773337.8874.202521717@webmail.messagingengine.com>

listcomm@ml1.net wrote:
> ...
> Thus far, I haven't been able to find anything that provides
> canned-up functionality of the nature of the Windows "Zone Alarm",
> although I can probably overcome that by iptables scripting,
> whereas with the Windows firewalls you get whatever is there
> and have to live with it.

You could get something close to Zone Alarm (minus the application
permissions stuff) with a very short iptables script which set the
policies for INPUT and FORWARD to DROP, and OUTPUT to ACCEPT, and adding
a couple of rules for allowing related and established connections on
the INPUT chain.  I'm sure there are basic HOWTOs on this floating
around - google for something like "iptables introduction" and you
should find some good hits.

-- 
Paul
<http://paulgear.webhop.net>
--
Did you know?  If you use two dashes followed by a space as your
signature separator, good email programs will chop them off
automatically, reducing noise in email replies.

Reply to:

Follow-Ups:
- Re: Firewall packages (was: All these open ports)
  - From: listcomm@ml1.net

References:
- Re: Firewall packages (was: All these open ports)
  - From: listcomm@ml1.net

Prev by Date: Debian release archive (was: One More time.)
Next by Date: Re: Proper place to put xmodmap and stuff?
Previous by thread: Re: Firewall packages (was: All these open ports)
Next by thread: Re: Firewall packages (was: All these open ports)
Index(es):
- Date
- Thread