From: John Malone (John.Malone at domain ireland.sun.com)
Date: Fri 28 Jul 2000 - 17:45:04 IST
Found this linked from the page that someone posted earlier.
http://www.linux-firewall-tools.com/linux/firewall/index.html
It's a web page that lets you configure your firewall by point and
click. Then gives you a script on a web page.
Useful as a starting point or a reference for building your own.
John
* At 17:28, kevin lyda wrote:
> On Fri, Jul 28, 2000 at 04:59:42PM +0100, Martin Feeney wrote:
> > ## allow ssh on ppp0
> > #/sbin/ipchains -A input -j ACCEPT -i ppp0 -d <ip of ppp0>/32 22 -p tcp
>
> dynamic ip? i'd need to do that for any other services on ppp0 as well,
> yes. and the deny stops ftp from working (except via pasv)?
>
> > ## block outgoing SMB
> > #/sbin/ipchains -A input -j DENY -d 0/0 137 -s <internalnetwork/mask> -p udp -l
>
> ah, no windows boxes, don't need that. ah...
>
> > on top of that I'd set hosts.deny to ALL:PARANOID and try to get mysql to
> > only listen on the address(es) of eth*. Also I'd remove all trace of tftp
> > and exorcise my machine afterward unless there is a _REALLY_ desperate
> > need for it. I'd also kill all rsh/rlogin/etc. servers.
>
> i need tftp and i need rsh. i like this command:
>
> tar zcf - dir|rsh inle 'cd newdir;tar zxf -'
>
> it saves me from going out and buying a 100mb hub plus cards. the deny
> command would close all that up anyway, right?
>
> kevin
>
> --
> kevin at domain suberic.net nothing witty here.
> fork()'ed on 37058400
> meatspace place: work
--
There are 30592798285 seconds until the 4th millennium.
----- End forwarded message -----
--
There are 30592797572 seconds until the 4th millennium.
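
Added example, not part of the original thread: one way to handle the "dynamic ip?" point in the quoted exchange is to rebuild the ppp0 rule from the address pppd passes to /etc/ppp/ip-up as its fourth argument. The chain name `ppp-in`, the `ALLOWED_TCP` list and the function names are assumptions made for illustration; the script only prints the ipchains commands.

```shell
#!/bin/sh
# Added example (not from the thread): emit ipchains rules for a dynamic ppp0 address.
# pppd calls /etc/ppp/ip-up as: interface tty speed local-IP remote-IP
# Assumed one-time boot setup (hypothetical chain name):
#   /sbin/ipchains -N ppp-in
#   /sbin/ipchains -A input -i ppp0 -j ppp-in
PPP_CHAIN="ppp-in"      # hypothetical user-defined chain
ALLOWED_TCP="22"        # services to expose on ppp0; ssh as in the quoted rule

# Succeed only for a strict dotted quad, so nothing else reaches a rule line.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands that flush the chain and re-add one ACCEPT per service.
ppp_rules() {
    iface=$1
    addr=$2
    if ! valid_ipv4 "$addr"; then
        echo "refusing to build a rule for address: $addr" >&2
        return 1
    fi
    echo "/sbin/ipchains -F $PPP_CHAIN"
    for port in $ALLOWED_TCP; do
        echo "/sbin/ipchains -A $PPP_CHAIN -j ACCEPT -i $iface -d $addr/32 $port -p tcp"
    done
}

# When run as an ip-up hook, print the rules for review; pipe to sh to apply.
if [ $# -ge 4 ]; then
    ppp_rules "$1" "$4"
fi
```

Because only the user-defined chain is flushed, the rest of the input chain, including any final DENY, is left untouched on each reconnect.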