I have been running my own personally developed IPTABLES ruleset since I
converted from ipchains to iptables.  

My topology is pretty simple:

        WAN (cable modem) ---> eth1 [FW] eth0 ---> [HUB] --> [LAN boxes]
        
Note that I am forwarding port 25 from the FW to an internet mail
server.

This thread caused me to take a closer look at both shorewall, and
gshield (I think it was).  I actually emerged shorewall, and attempted
to configure it.  In the end I found it more confusing than my own
custom built script.  Which I have pretty extensively tested. (and which
I will be happy to share if anyone is interested).  Frankly, I like
understanding what is going on under the covers... so I unmerged
shorewall, and went back to using my script.  


On Sat, 2003-11-01 at 19:17, Joshua Banks wrote:
> --- Simon_Khling <[EMAIL PROTECTED]> wrote:
> > > I wonder if your firewall is blocking ping scans. Disable the 
> > > firewall and see 
> > > if you can ping google.
> > 
> > well, you are right - disabling the firewall makes ping work again.
> > maybe it is easier to build my own script from scratch instead of
> > using
> > the one from gentoo-security-guide.
> 
> If you insist. You're making a lot of extra work for yourself. Shorewall
> already has all of the scripts that you need. All you need to do is
> simply modify them. Trust me. Try it, and you will understand. If you
> don't like it go back to writing everything from scratch. 
> 
> http://www.shorewall.net
> 
> JBanks
> 
> --
> [EMAIL PROTECTED] mailing list
> 
-- 
Lincoln A. Baxter <[EMAIL PROTECTED]>
