[PLUG] Firewall Suggestions?
Brent Jones
skullone at servuhome.net
Fri Jun 21 21:24:34 UTC 2002
What I just recently did, I bought the new OpenBSD 3.1 release originaly as a secondary DNS box.
But later on, I setup packet forwarding and packet filtering.
Its working just awesome, far better then any other firewall Ive used. The rules are a little different then IPTables, but pretty easy to pick up.
The main openbsd networking FAQ is here: http://www.openbsd.org/faq/faq6.html#PF
And I also found this usefull: http://real.ath.cx/BSDinstall.html
Only drawback, theres no public CD images of OpenBSD 3.1, but you can find 3.0 on planetmirror.com
Brent Jones
brentj at servuhome.net
----- Original Message -----
From: AthlonRob
To: plug at lists.pdxlinux.org
Sent: Friday, June 21, 2002 1:05 PM
Subject: [PLUG] Firewall Suggestions?
Hi-
I'm trying to set up a firewall. I've just been following the IPMasq Howto for the most part, and do have a basic firewall set up. However, I want something a little bit more secure. Folks inside my LAN will be able to open VNC sessions and have SSH access (including X11 forwarding) to the server... I don't want them to be able to (for instance) open up a SOCKS proxy on a high port which folks could tunnel through to get inside the LAN.
I don't want to mess with connections originating from inside the LAN... but I don't want anybody to be able to set up a LISTENING service which people could access from the Internet... unless I, root, say they can.
Any suggestions as to an iptables-based firewall configuration program or script or something? :-)
I'm running Slackware 8.1... and usually do these kinds of things by hand... but I'm just having a heck of a time understanding the different commands and rules you use to get a firewall going.
Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20020621/58778666/attachment.html>
More information about the PLUG
mailing list