Hi try this http://www.shorewall.net/ lot of documentation , included some samples for 1,2,3 interfaces and of courese Debian packages.
Tomas Novotny Internet systems manager Bratislava, Slovakia -----Original Message----- From: Costas Magkos [mailto:[EMAIL PROTECTED] Sent: Thursday, March 04, 2004 4:15 PM To: Debian Security Subject: setting up iptables Hi all, Can someone give me some best-practices for setting up iptables on a Debian system? I'm looking for things like where should the rules be placed, what startup script to use [1], good configuration tools [2] and so on. URLs are appreciated, I dont mind reading :-) I'm currently setting up iptables on a single-server enviroment (no routing), but since I will be using iptables a lot, general concepts are also welcome. -- [1] When looking around how to set up iptables, I found in /etc/default/iptables some discouraging words (apparently from the author) about the usage of the iptables init.d script, which can be summarized to this: "Do not use it". Why not? And if not, is there any other way? [2] I tried firestarter, seems nice. However, it produces a large ruleset with tones of redundant rules and /proc optimizations (for instance, the anti-spoof filtering is activated by default). It involves too much editing, which I have no problem doing it if someone tells me it's worth it. Thanks in advance, ~kmag Costas Magkos Internet Systematics Lab Athens, Greece -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]