LISTSERV - PCBUILD Archives - LISTSERV.ICORS.ORG

PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG

	LISTSERV Archives
	PCBUILD Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Firewalling netwirk with Red Hat post (fwd)
From:	Jeremy Rose <[log in to unmask]>
Reply To:	PCBUILD - Personal Computer Hardware discussion List <[log in to unmask]>
Date:	Wed, 9 Oct 2002 07:14:11 -0700
Content-Type:	TEXT/PLAIN
Parts/Attachments:	TEXT/PLAIN (63 lines)

--

-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/

Subject: Re: Firewalling netwirk with Red Hat post

Ok, I admit I am no expert or anything.  I am just a kid who has been
using Linux for a couple years and figured out how to do some very usefull
things with it.
Linux has a utility called iptables that works closely with the kernel
and acts as a very configureable and
flexible packet filter.  I have a dedicated 486 that sits under the tv and
has no monitor that I use iptables on to forward my 56k dialup internet
connection over my home ethernet tcp/ip network.

As far as what distro of Linux should be used, I dont think it really
matters.  As of 7.3, it looks like Red Hat has a wizard to automatically
set up a firewall, but I dont use it, I am afraid of stuff that do things
automatically for me in Linux.

As for the firewalling features, the command
iptables -A INPUT -m state --state NEW -i ppp0 -j DROP
will drop (ie, ping requests will time out) any new connection to the
machine.  There are also options to log packets meeting certain criteria
(excellent for debugging or tracking down intruders), allowing/denying
traffic from certain hosts, port forwarding, and like I mentioned before,
acting as a gateway for other machines on the network.

I have my box set up to do everything automatically when it turns on
(initiate the connection, and then start the firewall, and then start
logging) and redial my isp if the connection is lost.  Whenever I need to
change any setting manually, I ssh into it.  The best part is, it is in
linux, so you can shell script anything and everything.

It will (I hear, but have not tried yet) support multilink (using multiple
modems to speed up the connection).
It can of course work with broadband internet services too, although i
have never had the opportunity to set that up.  Since it is linux there
are many good tutorials on how to set everything up, and there is always
help on
IRC.

On Tue, 8 Oct 2002, Freeman Mendell wrote:

> I saw your post on PC Build. about firewalling your network with Red
> Hat. I have several old P200 machines that I could use to do that with.
> Could you elaborate a little on how you set it up?
>
> Thanks much!
>
>

--

-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/-\_/

                  Visit our website regularly for FAQs,
               articles, how-to's, tech tips and much more
                          http://freepctech.com

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG