I have been running my own personally developed IPTABLES ruleset since I
converted from ipchains to iptables.
My topology is pretty simple:
WAN (cable modem) ---> eth1 [FW] eth0 ---> [HUB] --> [LAN boxes]
Note that I am forwarding port 25 from the FW to an internet mail
server.
This thread caused me to take a closer look at both shorewall and
gshield (I think it was). I actually emerged shorewall and attempted
to configure it. In the end I found it more confusing than my own
custom-built script, which I have pretty extensively tested (and which
I will be happy to share if anyone is interested). Frankly, I like
understanding what is going on under the covers... so I unmerged
shorewall and went back to using my script.
On Sat, 2003-11-01 at 19:17, Joshua Banks wrote:
> --- Simon_Khling <[EMAIL PROTECTED]> wrote:
> > > I wonder if your firewall is blocking ping scans. Disable the
> > > firewall and see
> > > if you can ping google.
> >
> > well, you are right - disabling the firewall makes ping work again.
> > maybe it is easier to build my own script from scratch instead of
> > using
> > the one from gentoo-security-guide.
>
> If you insist. You're making a lot of extra work for yourself. Shorewall
> already has all of the scripts that you need. All you need to do is
> simply modify them. Trust me. Try it, and you will understand. If you
> don't like it go back to writing everything from scratch.
>
> http://www.shorewall.net
>
> JBanks
>
> --
> [EMAIL PROTECTED] mailing list
>
--
Lincoln A. Baxter <[EMAIL PROTECTED]>