[digest-mode reply]
Subject: Re: [gentoo-user] [OT] tips on my 1st try at iptables?
From: A. Khattri [EMAIL PROTECTED]
Date: Mon, 30 May 2005 23:06:36 -0400 (EDT)
To: gentoo-user@lists.gentoo.org
On Mon, 30 May 2005, Ow Mun Heng wrote:
Frankly, I've stopped trying to grok iptables
On Tue, 31 May 2005, Ow Mun Heng wrote:
I prefer just plain iptables myself ;-)
One man's meat is another's poison.
That's the beauty of Open Source. You're free to decide.
Well, it's one less package to manage - and you don't need any startup
scripts (/etc/init.d/iptables save saves the
At first I was a bit wary, but after I modified a sample iptables to
my liking, I found I got what I wanted.
#First we flush our current rules
iptables -F
iptables -t nat -F
#Then we lock our services so they only work from the LAN
iptables -I INPUT 1 -i eth1 -j ACCEPT
iptables -I INPUT 1 -i
On Mon, 2005-05-30 at 23:06 -0400, A. Khattri wrote:
On Mon, 30 May 2005, Ow Mun Heng wrote:
Frankly, I've stopped trying to grok iptables but rather I use a
frontend like shorewall. It's much simpler than doing it all by
yourself.
I prefer just plain iptables myself ;-)
One man's
Travis Osterman wrote:
I've spent the weekend attempting to mold an old p3 400mHz machine
into a firewall/router so I can replace my current linksys box.
Basically, I read the howtos at netfilter.org and the
gentoo-home-router-howto and put together the following script for
loading my rules.
On Sun, 2005-05-29 at 20:03 -0500, Travis Osterman wrote:
I've spent the weekend attempting to mold an old p3 400mHz machine
into a firewall/router so I can replace my current linksys box.
Basically, I read the howtos at netfilter.org and the
gentoo-home-router-howto and put together the
I tend to agree, I also tried to get a setup similar to what you have
or want up and running. I got about 3/4 of the way there and no further
:( I haven't had a chance to set up my firewall since then but shorewall
is definitely going to be my choice when I get round to it :P Its
interface is a lot
Here is my /var/lib/iptables/rules-save
# Generated by iptables-save v1.2.11 on Sat May 21 16:58:29 2005
*nat
:PREROUTING ACCEPT [29:1670]
:POSTROUTING ACCEPT [431:26255]
:OUTPUT ACCEPT [0:0]
[30:1841] -A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Sat May 21 16:58:29 2005
# Generated
Frankly, I've stopped trying to grok iptables but rather I use a
frontend like shorewall. It's much simpler than doing it all by
yourself.
I installed ipcop briefly (just to have a look) and between my lan
network card not being supported and the additional features I wanted
to put on the box
On Mon, 30 May 2005, Ow Mun Heng wrote:
Frankly, I've stopped trying to grok iptables but rather I use a
frontend like shorewall. It's much simpler than doing it all by
yourself.
I prefer just plain iptables myself ;-)
--
--
gentoo-user@gentoo.org mailing list
10 matches