[PLUG] Firewall Suggestions?
Sandy Herring
sandy at herring.org
Fri Jun 21 21:01:44 UTC 2002
On Fri, 21 Jun 2002, AthlonRob wrote:
> Hi-
>
> I'm trying to set up a firewall. [...]
>
> I don't want to mess with connections originating from inside the LAN...
> but I don't want anybody to be able to set up a LISTENING service which
> people could access from the Internet... unless I, root, say they can.
>
> Any suggestions as to an iptables-based firewall configuration program or
> script or something? :-)
You may have a shorter learning curve with TCP Wrappers than with iptables
or ipchains. Just edit /etc/hosts.allow and /etc/hosts.deny and restart
xinetd. See `man 5 hosts_access' and `man host_options'. You can easily
allow outbound traffic and limit inbound connections.
A good firewall FAQ can be found at: http://www.interhack.net/pubs/fwfaq/
hth,
Sandy
--
Sandy Herring, RHCE o sandy at herring.org
Peck of Pickled Pisces __ o http://herring.org/
UNIX or Web authoring questions? |\/ o\ o http://herring.org/finger.html
=>http://herring.org/techie.html |/\__/ http://herring.org/pub-key.asc
*sh, Perl, C, VBA, PICK Assembler, Data/Basic, PROC & profanity spoken here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20020621/375c0d40/attachment.asc>
More information about the PLUG
mailing list