Hello > how is you have only one eth and are providing firewalling?
I did some reading around about firewalls and understrood it like this that even if you have just one eth on computer you can still run a firewall to stop unwanted access to that very computer. It was not necessary to have to eth`s and run a firewall to protect a network behind this computer, that will in this case act as some kind of gateway. Or am i completely wrong? I thoght that that is what all those "personal firewalls" were doing (ref Zone Alarm and Norton Personal Security) Sincerelly Victor P.S. Thanks for a good link. > I started my ipchains learning with TrinityOS by David Ranch > http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html > > -----Original Message----- > From: Victor Usjanov [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 17, 2002 2:02 PM > To: [EMAIL PROTECTED] > Subject: Help with IPchains > > > Hello > > I am trying to run ipchains firewall on my computer connected to corporate > nettwork. I created a set of rules that let web and mail and ssh traffic in > and out, and it works just fine. But i got a problem with NFS and samba > traffic. I did not manage to get it running until i placed "-A input -s > 0/0 -d 0/0 -i eth0 -j ACCEPT" in the ipchains.conf file. But, as far as i > understand this opens for all traffic to all ports over eth0 ( which is the > only network interface in my computer), which is not 100% secure.. or am i > wrong here? > I have tried to remove the above line and add "-A input -s 0/0 139 -d 0/0 -i > eth0 -p tcp -y -j ACCEPT" to let samba traffic in, but nothing happened ( it > startet to deny all kinds of traffic) > > I have tried to search around for hints how to set up ipchains, but all > examples i find describe how to make a conf file for a firewall with a whole > nettwork behind, but not for a stand alone computer. > > I feel kind of lost here... and IPchains-howto on linuxdoc didnt help a lot. > Some can help a little? May be someone knows of some examples i can look at? > > > Thanks in advance > -- > Victor > >
