Re: Recommended Firewalls
Jude DaShiell wrote:
> So what happens if you can use debian but can't use any G.U.I. since
> none of the G.U.I. will talk yet? Is there a console equivalent for
> guardog? I'm totally blind and when I use a debian equipped computer I
> do it alone.
I'm a bit surprized not to see someone mention firehol. It's an apt-get
away, console tool for firewall. The nice part is, once you have a
config file made. You can just copy it from machine to machine with just
a little tweak here and there. Use it on your desktop or server. One
program to learn.. And it's REALLY easy..
Config file example...
version 5
server_althttp_ports="tcp/8080"
client_althttp_ports="default"
# to avoid dhcp-client from filling logs with its complaints about not
being able to contact a DHCP server...
server_dhcpclient_ports="udp/67"
client_dhcpclient_ports="default"
# if you need to blacklist incoming connection from an IP, use the
following line
blacklist this "24.202.51.30 24.202.51.31"
# notice how one is using quotes, but not the other
# redirection example - redirect traffic to port 1234 to port 110
#redirect to 110 inface eth0 proto tcp dport 1234
interface eth0 internet
# enable all available protection - against DoS, invalid packets, etc
protection strong
#server "samba icmp ftp ssh smtp dns http https pop3 althttp rsync
webmin netbios_ns" accept
#Allow from these ip ranges only
group with src "65.16.101.97/27 192.168.1.1/24"
server ssh accept
server webmin accept
group end
# client "icmp ftp ssh smtp dns http https pop3 althttp rsync webmin
dhcpclient" accept
client all accept
--
Highest Regards,
Rodney Richison
RCR Computing
http://www.rcrnet.net
118 N. Broadway
Cleveland, OK 74020
918-358-1111
Reply to: