Might I join the recommendation of the IPtables scripts at
http://www.linuxguruz.org/iptables/ . If you're looking for "strong" configurations, then by judging from what I've found, there are some pretty complicated configuration there (sorry, dont have the exact link). Still, though, someone will have to take the time finishing and adjusting a script to your neeeds.
The IPtables tutorial at http://www.netfilter.org/documentation/tutorials/blueflux/iptables-tutorial.html has besides the tutorial itself some example scripts, some which might be easier to comprehend and update (considering time constraints).
I also have some script from the technion, if you're interested (cant recall the source, probably the technion site itself).
Boaz.
Omer Zak wrote:
Hello Doron,
Thanks for the link. It is a first step in the right direction. But it
is still good only for someone who is willing to invest some time and
study the subject.
It is not yet an "out of the box" solution for someone with simple and
standardized needs and wants just to get the job done without being
bothered.
Time permitting, I'll study it and make a recommendation for Israeli ADSL
users.
--- Omer
My opinions, as expressed in this E-mail message, are mine alone.
They do not represent the official policy of any organization with which
I may be affiliated in any way.
WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html
On Fri, 14 Feb 2003, Doron Ofek wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
&bet;&yod;&vav;&fmem; &shin;&yod;&shin;&yod; 14 &pe;&bet;&resh;&vav;&alef;&resh; 2003, 13:09, Omer Zak &kaf;&tav;&bet;:
Once upon a time I configured a 2.2.x Linux firewall with ipchains, andHi Omer
used a script with which I was happy, as it opened only certain ports, had
anti-spoofing protection, etc.
More recently I configured a 2.4.x Linux firewall with iptables.However
I am not happy with the iptables configuration used there.
Does anyone know about a collection of recommended iptables scripts for
the following environments:
1. Single Linux PC at home (no need to export services like WWW to the
Internet).
2. Home or small office network (NAT, any PC can access the Internet,
nothing is exported to the world).
http://www.linuxguruz.org/iptables/
Doron
===============================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
