|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] Making an iptables firewall?
From: Roland Kuhn (rkuhn
e18.physik.tu-muenchen.de)
Date: Sun Apr 13 2003 - 07:42:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi!
On Sun, 13 Apr 2003, Trey wrote:
> I have a pc I am setting up as a firewall for my LAN at work.
> I have installed two NIC's & suse8.1 on it
> I read in a HOWTO that for me to "netfilter" with iptables, making my firewall
> I hade to compile this file I downloaded "bridge-nf-0.0.7-against-2.4.19.diff."
> The howto was very generic, & not suse specific.
> Is this true? Or can I use Yast to get the same results?
> Thanks,
What do you want to do? The bridge-nf-patch is for building a transparent
(non-routing) firewall, which you probably won't need. It is more common to
configure a Linux box as router (the "default gateway" for your work LAN's
computers), running iptables on it. There are quite a few firewall scripts,
some are provided by SuSE, but I'm not familiar with these.
It sounds like you don't know yet what you really need, and it's difficult to
be of any help in that respect, as it requires intimate knowledge of your
networking situation. There are some excellent docs out there, which you could
use to get an overview:
http://www.netfilter.org
see the documentation section, maybe first c few tutorials, the networking
howto and then the packet filtering howto.
http://www.tldp.org/HOWTO/Firewall-HOWTO.html
is a bit outdated (doesn't know about iptables), but it gets you started with
Firewall concepts.
The Linux kernel is the most fexible, capable and amazing tool for all things
concerning IP networking, but this also means that you need to know exactly
what you want in the first place ;-)
Ciao,
Roland
+---------------------------+-------------------------+
| TU Muenchen | |
| Physik-Department E18 | Raum 3558 |
| James-Franck-Str. | Telefon 089/289-12592 |
| 85747 Garching | |
+---------------------------+-------------------------+
"If you think NT is the answer, you didn't understand the question."
- Paul Stephens
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]