On Saturday 08 July 2006 14:14, [EMAIL PROTECTED] wrote:
> > If you want something simple, firehol is pretty good. Debian (and
> > therefore probably Ubuntu) has a bunch of example config files that
> > are really easy to use. The advantage to say shorewall (although
> > things may have changed) is that with fussy protocols like SMB, you
> > just enable it and it works, whereas I found with shorewall that you
> > needed to worry about traffic directions and such. It also lets you
> > do NATting and stuff extremely simply.
> >
> > And that's my 5 cents.
>
> Yes, same with Firestarter. I used Shorewall for quite some time on a
> Linux router. It is good, but something like Firestarter is (I think)
> the way to go for a simple Ubuntu setup. Doesn't do as much as
> Shorewall, but it is dead simple to set up and run a simple desktop
> protection firewall.
>
> My 5 cents.
Thanks Alan
guidedog
guarddog
worked. It seems that there is no option to:
* trust the local network (everything allowed)
* allow ESTABLISHED/RELATED packets back
* allow arbitrary complex stuff (still investigating), e.g. for my openvpn
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
But it's mostly working
James
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html