[PLUG] Firewall Suggestions?

Sandy Herring sandy at herring.org
Fri Jun 21 21:01:44 UTC 2002


On Fri, 21 Jun 2002, AthlonRob wrote: 
> Hi-
> 
> I'm trying to set up a firewall. [...]
> 
> I don't want to mess with connections originating from inside the LAN...
> but I don't want anybody to be able to set up a LISTENING service which
> people could access from the Internet... unless I, root, say they can.
> 
> Any suggestions as to an iptables-based firewall configuration program or
> script or something?  :-)

You may have a shorter learning curve with TCP Wrappers than with iptables
or ipchains. Just edit /etc/hosts.allow and /etc/hosts.deny and restart
xinetd. See `man 5 hosts_access' and `man host_options'. You can easily
allow outbound traffic and limit inbound connections. 

A good firewall FAQ can be found at: http://www.interhack.net/pubs/fwfaq/

hth,
Sandy
-- 
Sandy Herring, RHCE                        o              sandy at herring.org
Peck of Pickled Pisces               __  o               http://herring.org/
UNIX or Web authoring questions?  |\/ o\  o  http://herring.org/finger.html
=>http://herring.org/techie.html  |/\__/     http://herring.org/pub-key.asc
*sh, Perl, C, VBA, PICK Assembler, Data/Basic, PROC & profanity spoken here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20020621/375c0d40/attachment.asc>


More information about the PLUG mailing list