[PLUG] iptables where INPUT and OUTPUT...

Charles Sliger chaz at bctonline.com
Fri May 6 18:03:35 UTC 2005


I'll take a look at the files you sent.
The short answer is that you include rules for each of them and make the
rules only as permissive as you have to.

Charles L. Sliger,    Information Systems Engineer,    chaz at bctonline.com
"no matter where you go, there you are..."

-----Original Message-----
From: plug-bounces at lists.pdxlinux.org
[mailto:plug-bounces at lists.pdxlinux.org] On Behalf Of
plug_0 at robinson-west.com
Sent: Friday, May 06, 2005 9:45 AM
To: General Linux/UNIX discussion and help; civil and on-topic
Subject: RE: [PLUG] iptables where INPUT and OUTPUT...

Quoting Charles Sliger <chaz at bctonline.com>:

> You should set it up to drop everything and then put in rules to accept
> those connections that you want to allow.
> And, yes, you can have different rules for different interfaces. That's the
> way I have my firewalls set up.
> I could be more specific if you sent a copy of your setup script.
> -chaz
> 
> Charles L. Sliger,    Information Systems Engineer,    chaz at bctonline.com
> "no matter where you go, there you are..."

The script that I set my firewall with prior to saving it and my 
netstat -nlptu output is attached.

I'm not sure how to properly allow nfs, tftp, X, etc. if I go to
a default policy of DROP on INPUT, OUTPUT, and FORWARD.

     --  Michael Robinson
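
Added example, not part of the original messages and not the poster's script: one way to write the approach described in this thread (default DROP on INPUT, OUTPUT and FORWARD, then one narrowly scoped rule per service). It assumes this host serves NFS, TFTP and X11 to a single trusted LAN; the function names, interface name and subnet are placeholders chosen here.

```shell
#!/bin/sh
# Added example: prints a default-DROP ruleset in iptables-restore format.
# Assumptions (not from the thread): this host *serves* NFS, TFTP and X11
# to one trusted LAN; interface and subnet are passed in as arguments.

# allow_in IFACE NET PROTO PORT: one inbound rule, limited to the given
# interface, source network, protocol and destination port.
allow_in() {
    printf '%s\n' "-A INPUT -i $1 -s $2 -p $3 --dport $4 -m conntrack --ctstate NEW -j ACCEPT"
}

emit_ruleset() {
    lan_if=$1
    lan_net=$2
    # Policies drop everything; only loopback and traffic belonging to an
    # already accepted connection pass without a service-specific rule.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # NFS: portmapper (111) and nfsd (2049). mountd, statd and lockd use
    # dynamic ports unless pinned in their own configuration; add rules
    # for them once they are pinned.
    for proto in tcp udp; do
        allow_in "$lan_if" "$lan_net" "$proto" 111
        allow_in "$lan_if" "$lan_net" "$proto" 2049
    done
    # TFTP: requests arrive on udp/69, but the server answers from a new
    # ephemeral port, so the reply is not ESTABLISHED. It only matches
    # RELATED when the TFTP conntrack helper is tracking the flow.
    allow_in "$lan_if" "$lan_net" udp 69
    # X11: display :0 listening on tcp/6000.
    allow_in "$lan_if" "$lan_net" tcp 6000
    echo COMMIT
}

# Print the ruleset when called with an interface and a subnet.
if [ $# -eq 2 ]; then
    emit_ruleset "$1" "$2"
fi
```

Review the printed rules before piping them to iptables-restore as root. Connections the host itself initiates (DNS lookups, its own NFS client mounts) are still dropped by the OUTPUT policy until they get their own rules.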
