Re: [masq] Book for rules?

Wed, 9 Dec 1998 08:14:34 -0500 

Bill (&All):

I've worked with Paul Sery's book, "The Linux Network Toolkit" extensively, and it 
does cover a lot of ground about basic ipfwadm rule setup.  The book is focused on 
creating a secure firewall / masq machine using a dual homed firewall.net / dual homed 
private.net setup.  He's very clear on IP masquerading, basic routing and a very 
secure (but not very real world) packet filtering firewall setup.  Sery did not touch 
on MASQ modules (modprobe ip_masq_ftp & the like) and ipportfw.  I think the real way 
to learn is to go through Sery first, and then take apart an advanced ruleset like 
dranch's TrinityOS.

Paul's book gets through the basics, but once you understand what he's taught you, you 
will want more information.  I worked through The Linux Network Toolkit (LNTK) first, 
then I bought Building Internet Firewalls to understand just what I had done with 
LNTK.  Paul is by the way a really nice guy, and immediately helped me via email 
though some problems - not what you would expect from your typical author!

A very big plus to LNTK is that it gives a simple, clear explanation of Samba that is 
documentation of spectacular quality.  The Samba parts of LNTK are actually far better 
than the MASQ sections.

Well worth the price of admission, but you'll want more when you're done.

Bill Strosberg

-----Original Message-----
From:   David A. Ranch [SMTP:[EMAIL PROTECTED]]
Sent:   Tuesday, December 08, 1998 5:57 PM
To:     Bill Schoolcraft; IP-Masq
Subject:        Re:  [masq] Book for rules?


Rules for what?  IPFWADM?  

        The O'Reilly book will tell you how firewalls work and 
        teach you how to filter stuff properly, etc.  It won't
        tell your how to do IPFWADM.

        Another book that sounds like it does cover MASQ somewhat
        is the Network Toolkit from Sery.  Its a general network
        book but it does have some stuff in there about IPFWADM.

--David
.----------------------------------------------------------------------------.
|  David A. Ranch - Remote Access/Linux/PC hardware      
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]

Reply via email to