-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
you can use a simple firewall script using iptables. the script lokks like this:
$IPTABLES -P INPUT DROP $IPTABLES -P FORWARD DROP $IPTABLES -P OUTPUT ACCEPT
$IPTABLES -A OUTPUT -p tcp -s $MYIP -d 0/0 -j ACCEPT $IPTABLES -A INPUT -p tcp -d $MYIP -s 0/0 -m state ESTABLISHED,RELATED - -j ACCEPT
$IPTABLES -A INPUT -p tcp -d $MYIP -s 0/0 -j LOG --log-prefix "INPUT FIREWALL"
This little script allows you to connect to the internet and deny every connection from the internet to your computer except all downloads you have started.
The first three lines define the standard policy for each table. The next two lines allow all outgoing and related incoming connections. The last line writes all attemps to connect to a logfile.
Hope this will help you.
Michael. V�ctor A. Ramos wrote: | Hi there! | | I write this e-mail, because I'd like to build a firewall on my Debian | system, using iptables. | My computer is a Internet client, and doesn't offer any service or | server to the Internet(no ssh, no smtp... anything), so the 'policy' | should be: reject all input connections and external pings.... and allow | all connections from my PC to Internet. | | I've looking and studying a lot of manuals and how-to's but all of them | are destinate to a Debian system working as a router for a LAN :-/ | | Anyone would like to tell me where I can get some information about my | requirements? | | Thanks a lot
- -- Michael Tschach B�romat IT Systeme GmbH Softwareentwicklung Newtonstrasse 12 Tel: +49 375 8109 0 08060 Zwickau Fax: +49 375 8109 256 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (MingW32)
iD8DBQFBs+ufC+AbA0CPxiwRAmPBAKDVvJW2MP62dWAYIUkXqhRojGUBGgCfaFve Y5AliXRgiFlgS2251YOZJXA= =jcqE -----END PGP SIGNATURE-----
