I configured a "medium" firewall during install, and it generated an /etc/sysconfig/ipchains file and an /etc/init.d/ipchains startup script. Once the startup script was run, ipchains support was loaded into the kernel as a module, and the sysconfig file was a list of ipchains rules. It just "worked". Aside from that, I ported my own ipchains firewall script, which included insmod and flush and such, and it just "works".
FWIW, there's an article in THIS month's SysAdmin magazine on configuring iptables on Linux. I haven't pored through it yet, but there's almost enough printed material on iptables in recent issues of trade journals to just photocopy 200 pages and hand them out at the next LUG. I've seen it in SysAdmin and in Linux Journal, which is available locally off the rack. iptables isn't a mystery anymore except to people who haven't researched it. ...like me. -- -j On Tue, 13 Nov 2001, Muhammed N Hasan wrote: > Date: Tue, 13 Nov 2001 09:56:03 -0600 > From: Muhammed N Hasan <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: [brluglist] iptables Firewall > > > John: > > No problem at all! > > I got it from a friend. I thought it was kind of funny and wanted to share > it with you. > > Now, I need some help. I just upgraded one of my Linux boxes to Red Hat 7.2 > from 7.0. I didn't know until I found out after the upgrade that Kernel 2.4 > dropped support for ipchains. I was running PMFirewall before. It uses > ipchains. So it's no use right now. > > Anyway, I did a search on SourceForge and came up with Shorewall. I played > with it a little bit. It is nice and powerful. But the problem is there are > too may configuration files to configure at the time of installation. Which > got me confused. In PMFirewall, the installation script is interactive and > walks you through setting up the firewall painlessly. > > Does anyone know of a firewall that uses iptables AND fairly easy to setup? > > Thanks > > Muhammed > > > From:John Hebert <[EMAIL PROTECTED]>@brlug.net on 11/13/2001 05:53 AM > PST > > > Sent by: [EMAIL PROTECTED] > > Please respond to [EMAIL PROTECTED] > > > > To: [EMAIL PROTECTED] > cc: (bcc: Muhammed N Hasan/mhasan1/LSU) > > Subject: Re: [brluglist] Cajun Virus > > > > Muhammed, > > I just realized I made a critical typo in my previous > email. The last sentence should have read: > > "And we have a good sense of humor, so no offense > taken." > > Sorry about that, Muhammed. > > John Hebert > > > --- John Hebert <[EMAIL PROTECTED]> wrote: > > Muhammed, > > > > Contrary to popular belief, Cajuns aren't ignorant. > > While ULL may not be as good as LSU at football, I'd > > say the ULL Computer Science program is better than > > LSU's. > > > > And we have a good sense of humor, so offense taken. > > :) > > > > John Hebert > > > > --- Muhammed N Hasan <[EMAIL PROTECTED]> wrote: > > > > > > U have jus received da Cajun Bad to the Bone Coon > > > Ass Virus. Sance we ain't > > > got no programin sperience dis virus woks on da > > > honor system. Please d'leet > > > all da files on u hard driver and manually forward > > > dis virus to averybody > > > on u maleing list. Tank ya'll for u cooperation. > > > Sicerly, Boudreaux and Thibodaux > > > > > > ================================================ > > > BRLUG - The Baton Rouge Linux User Group > > > Visit http://www.brlug.net for more information. > > > Send email to [EMAIL PROTECTED] to change > > > your subscription information. > > > ================================================ > > ================================================ > BRLUG - The Baton Rouge Linux User Group > Visit http://www.brlug.net for more information. > Send email to [EMAIL PROTECTED] to change > your subscription information. > ================================================ > ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
