Hello Gordon,

Thursday, June 01, 2000, 11:51:10 AM, you wrote:

GM> Duncan Hill wrote:
>> Has anyone got a basic rule or three that I can springboard off of?
>> Or are more details needed?

GM> You could try the script that I use.  Get it from:
GM> ftp://duke.eburg.com/pub/linux/init.firewall

GM> Should be really easy to set up.  At the beginning of the file, there
GM> are a few environment variables that you have to set.  I believe that
GM> the following should work for you:
GM> PARANOID_DEV="eth0"
GM> PARANOIA_ALLOWS_PORTS="22 80"
GM> HOSTS_ALLOW="10.0.0.0/24()-10.0.0.5(:1024)"

GM> where: "eth0" is your ethernet interface, "10.0.0.0/24" is the address
GM> that your lan is using, and "10.0.0.5" is your own IP address. 

GM> Comment out the "MASQ_NET" variable, since you aren't a router.

GM> Then, 'mv init.firewall /etc/rc.d/init.d/firewall' and turn it on with
GM> 'ntsysv'.  You can run it yourself like any other init script,
GM> '/etc/rc.d/init.d/firewall start'

GM> MSG



While you're at it, look into ipmasqadm for doing port translation
from outside to inside machines.

-- 
Best regards,
 badger                            mailto:[EMAIL PROTECTED]



-- 
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
