On 2/24/21 2:01 PM, Steve Litt wrote: > Hi all, > > I'm now at the stage where I need a firewall on my Devuan VM guest, > and I don't know how to do it. I have the iptables package installed, > and /usr/sbin/iptables is a command, but I have no idea where to go > from there. Is there a file that iptables uses to define which ports > are blocked?
There is an awful lot of inertia for iptables, more than there was for ipchains, but iptables is rather difficult to learn and use. It has also been succeeded by nftables, which is where the development is happening. So even though Beowuulf seems to come with iptables, I would recommend removing iptables and installing with nft. See: https://wiki.nftables.org/ https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes Furthermore, nftables keeps its configuration in a single file: /etc/nftables.conf which is then read on startup, once nftables is activate in sysvinit or openrc. Though it is very different, I find that nft makes a bit more sense. It is also supposed to be more efficient. YMMV. /Lars _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
