On Thu, Sep 12, 2002 at 03:30:17PM +0300, Kai Hendry wrote:
> I think firestarter is crap. It crashed while I did an nmap on my machine.
>
> Simply use iptables. In Debian, I configure my firewall like so:
>
> Block all incoming connections, except for ssh.
>
> iptables -N block    # create the chain before appending to it
> iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A block -m state --state NEW -i ! ppp0 -j ACCEPT
> iptables -A block -j DROP
> iptables -A INPUT -j block
> iptables -A FORWARD -j block
> iptables -L
> iptables -I block -i ppp0 -p tcp --dport 22 -j ACCEPT
> iptables -L
> /etc/init.d/iptables save_active

I have a similar set up apart from it has

iptables -A INPUT -m state --state NEW,INVALID -i ppp0 -j DROP

at the end instead of "ESTABLISHED,RELATED -j ACCEPT" at the beginning
and I also allow icq and one or two other things like this

iptables -A INPUT -m limit --limit 5/m --limit-burst 10 -i ppp0 -p udp --destination-port 4000 -j ACCEPT

Hope this is helpful

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.
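
As an added example (not part of either poster's message), the following Python sketch is a simplified first-match model of the quoted `block` chain; it shows why the ssh rule is added with `-I` rather than `-A`, and that it has no state match. `Packet`, `Rule`, `verdict` and `build_block` are hypothetical names, and only the matches used in the quoted rules are modelled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str            # inbound interface, e.g. "ppp0"
    state: str            # conntrack state: NEW, ESTABLISHED, RELATED, INVALID
    proto: str = "tcp"
    dport: int = 0

@dataclass(frozen=True)
class Rule:
    target: str                          # ACCEPT or DROP
    states: Optional[frozenset] = None   # -m state --state ...
    iface: Optional[str] = None          # -i IFACE
    not_iface: Optional[str] = None      # -i ! IFACE
    proto: Optional[str] = None          # -p PROTO
    dport: Optional[int] = None          # --dport N

    def matches(self, p: Packet) -> bool:
        # An unset field places no constraint on the packet.
        return ((self.states is None or p.state in self.states)
                and (self.iface is None or p.iface == self.iface)
                and (self.not_iface is None or p.iface != self.not_iface)
                and (self.proto is None or p.proto == self.proto)
                and (self.dport is None or p.dport == self.dport))

def verdict(chain, p, fallthrough="RETURN"):
    """The first matching rule decides; later rules are never consulted."""
    for rule in chain:
        if rule.matches(p):
            return rule.target
    return fallthrough

def build_block(ssh_inserted=True):
    """The quoted chain, with the ssh rule inserted (-I) or appended (-A)."""
    chain = [
        Rule("ACCEPT", states=frozenset({"ESTABLISHED", "RELATED"})),
        Rule("ACCEPT", states=frozenset({"NEW"}), not_iface="ppp0"),
        Rule("DROP"),
    ]
    ssh = Rule("ACCEPT", iface="ppp0", proto="tcp", dport=22)
    if ssh_inserted:
        chain.insert(0, ssh)   # -I block: lands above the catch-all DROP
    else:
        chain.append(ssh)      # -A block: lands below DROP, never reached
    return chain

if __name__ == "__main__":
    # Constructed sample packets, not captured traffic.
    for pkt in (Packet("ppp0", "NEW", dport=22), Packet("ppp0", "NEW", dport=80),
                Packet("eth0", "NEW", dport=80), Packet("ppp0", "INVALID", dport=22)):
        print(pkt, verdict(build_block(), pkt), verdict(build_block(False), pkt))
```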