"Robert L. Harris" wrote:
>
> I've got my handy-dandy firewall up and running with iptables. However
> I'm always looking for a better way to lock it down. Can anyone send me
> a "here's mine" or close for something that does this:
>
> Allows all oubound new connections from inside on my 192.168.0.0/24 (or the
> IP of ETH0 on my firewall?)
> Allows all connections to my firewall from 192.168.0.0/24
> Drops all packets inbound from the internet except:
> http
> ssh
> ftp
>
> Logs all dropped attempts/scans to a different syslog title so I can
> save it off to a different file?
<http://leaf.sourceforge.net>
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . .
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
