On Monday 01 October 2001 06:53, Admin wrote: > Hello: > > Toda my linux box would act as the internet gateway to the lan. In the > process, I found out mandrake also installed iptables. I now understand a > firewall must be installed for masquerading, don't know why, but it has to. > Now, I have been trying to figure out how to use iptables and I am truly > confused. What in the world is a chain? I read the man file and the > how-to, but either I am being a bit dense, or the subject matter is > difficult. I have used firewalls in windows, specifically, conseal, but I > am in need of help. > > I found a script called iptables in my etc/init.d directory. Is this > script suppose to be moved to the etc/sysconfig directory? > > I have read from this list, about a program called bastille. Would > bastille be an easier program to use and would I have to remove iptables > before installing bastille? If so, how do you go about removing iptables > without affecting your masquerade? > > In a way iptables seems to be what I am looking for, which is a firewall > executed from the terminal mode, but I would also like to have the ability > of "seeing" who/what is probing my system. Does iptables has this ability? > Thanks in advance. > > Regards, > > Dexter Drakgateway runs the masquerade. It would help to know which version you are running.
There is a tiny firewall built into the Mandrake Control Center. Bastille is an interactive tool which teaches you about security as you bring it up, but it can cut off your printing (port 631), so be careful. iptables is a system for interpreting firewall rules. It is _stateful_ unlike its predecessor ipchains. This means that if a packet comes in looking like a response to a querry, the stateful rule will check to see if a query was indeed sent to that address. If not, then the packet gets bounced or dropped. If you want a log of activity, then portsentry is an OK tool to use. With Nimda and CodeRed all over the internet, make sure you have /var set up as a large partition by itself to handle the load of messages you will store. Civileme
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
