Fwd: iptables related query
I have asked kind of the same question regarding iptables last week.
Look through replies and you'll get an idea on how to start with your own
iptables scripts from scratch :-)
---------- Forwarded message ----------
From: J.A. de Vries <email@example.com>
Date: Jul 4, 2005 9:40 AM
Subject: Re: iptables related query
On 2005-07-03 @ 21:40:06 (week 26) Mal Beaton wrote:
> I prefer to use sub chains to identify from the internet or from
> internal etc
I do too, but as the corresponding webpage states:
Note that this ruleset is written with readability and clearness in mind
so anyone can fathom it. Thus it is optimized for understandability and
not for speed. For a standard workstation or a server with limited
amounts of traffic that won't pose any problem. In an environment with
huge amounts of traffic or where Network Address Translation is used a
more complicated ruleset will be needed.
I might redo it though (if I find the time)...
> I also learnt from a very experienced firewall administrator to use the
> long switches so anyone else can easily read the scripts
That's very sound advice, which I couldn't agree with more.