Duncan Hill wrote:
> Has anyone got a basic rule or three that I can springboard off of?
> Or are more details needed?

You could try the script that I use.  Get it from:
ftp://duke.eburg.com/pub/linux/init.firewall

Should be really easy to set up.  At the beginning of the file, there
are a few environment variables that you have to set.  I believe that
the following should work for you:
PARANOID_DEV="eth0"
PARANOIA_ALLOWS_PORTS="22 80"
HOSTS_ALLOW="10.0.0.0/24()-10.0.0.5(:1024)"

where: "eth0" is your ethernet interface, "10.0.0.0/24" is the address
that your LAN is using, and "10.0.0.5" is your own IP address.

Comment out the "MASQ_NET" variable, since you aren't a router.

Then, 'mv init.firewall /etc/rc.d/init.d/firewall' and turn it on with
'ntsysv'.  You can run it yourself like any other init script,
'/etc/rc.d/init.d/firewall start'

MSG

