[PLUG] Firewall Suggestions?
Brian Horan
bhoran at anythingemail.com
Fri Jun 21 21:32:19 UTC 2002
OpenBSD also has a pretty good howto for making your own ISO's too
On Friday 21 June 2002 05:24 pm, Brent Jones wrote:
> What I just recently did, I bought the new OpenBSD 3.1 release originaly as
> a secondary DNS box. But later on, I setup packet forwarding and packet
> filtering.
> Its working just awesome, far better then any other firewall Ive used. The
> rules are a little different then IPTables, but pretty easy to pick up. The
> main openbsd networking FAQ is here:
> http://www.openbsd.org/faq/faq6.html#PF And I also found this usefull:
> http://real.ath.cx/BSDinstall.html
>
> Only drawback, theres no public CD images of OpenBSD 3.1, but you can find
> 3.0 on planetmirror.com
>
> Brent Jones
> brentj at servuhome.net
> ----- Original Message -----
> From: AthlonRob
> To: plug at lists.pdxlinux.org
> Sent: Friday, June 21, 2002 1:05 PM
> Subject: [PLUG] Firewall Suggestions?
>
>
> Hi-
>
> I'm trying to set up a firewall. I've just been following the IPMasq
> Howto for the most part, and do have a basic firewall set up. However, I
> want something a little bit more secure. Folks inside my LAN will be able
> to open VNC sessions and have SSH access (including X11 forwarding) to the
> server... I don't want them to be able to (for instance) open up a SOCKS
> proxy on a high port which folks could tunnel through to get inside the
> LAN.
>
> I don't want to mess with connections originating from inside the LAN...
> but I don't want anybody to be able to set up a LISTENING service which
> people could access from the Internet... unless I, root, say they can.
>
> Any suggestions as to an iptables-based firewall configuration program or
> script or something? :-)
>
> I'm running Slackware 8.1... and usually do these kinds of things by
> hand... but I'm just having a heck of a time understanding the different
> commands and rules you use to get a firewall going.
>
> Rob
--
Brian Horan
Network Adminstrator
Anything Email, Inc
bhoran at anythingemail.com
More information about the PLUG
mailing list