Re: newbie needs help with iptables basics (please)

From: Roger Parks (dnlt0hn5ntzhbqkv51_at_safe-mail.net)
Date: 07/23/05

  • Next message: Wayne: "Re: Dictionary sshd attacks" 
    Date: 22 Jul 2005 15:02:25 -0700

    Proteus wrote:
    > I could really use some help setting up a basic firewall using iptables. Yes
    <snip>

    learning iptables is admirable..........

    but consider a firewall "script" first.

    It'll allow you to protect yourself instantly, and at the same time
    allow you to create and understand progressively more comprehensive
    filters.

    Lots of scripts around that produce pretty displays (e.g. firestarter),
    but questionable firewalls.

    Firehol, imho, is very sound and extremely powerful, quick to use, and
    will aid you in learning iptables/netfilter. Once you learn it, you may
    well decide that you don't want to fool with iptables.

  • Next message: Wayne: "Re: Dictionary sshd attacks"

    Relevant Pages

    • iptables script migration from Red Hat 9 To Fedora Core 4
      ... I'm working towards replacing an old firewall box with a new one. ... old box runs Red Hat Linux 9. ... I have an iptables script that works well ...
      (Fedora)
    • Firewall Rules Summary
      ... Subject: Firewall Rules Summary ... This script is provided "as is" with no implied warranty. ... this came from various howtos and articles on iptables that existed around ... #specific port denies>1024 tcp ...
      (Focus-Linux)
    • Re: [opensuse] IP tables - DIY
      ... At that time there was little YaST for the firewall, and I worked with the config file directly. ... Not knowing how IP-Filters work, it was not clear to me what exactly is happening in my firewall. ... I learnt to list the kernel IP-Table (iptables -nL), and was totally clueless what I saw there and how all this works. ... A friend came over and gave me 2-3 hours of tutoring on kernel IP-Filtering while we wrote a complete script for my network with a VPN included in the rules. ...
      (SuSE)
    • Re: some reality about iptables, please
      ... >>the script which can only be run by a root user. ... but it could re-inforce the fact that maybe running your iptables ... "I'm a packet filtering interface not a firewall tool." ... Generally Debian systems run at init runlevel 3 (this is a change if ...
      (Debian-User)
    • Re: some reality about iptables, please
      ... First post folks so I'm unsure if we top post or not round here but everyone ... friend before I even got close to understanding iptables. ... >great scripts for platform hardening but I prefer shorewall's firewall ... >script can be used to restore a saved configuration at boot time. ...
      (Debian-User)