Hello List,
I am currently trying to configure an embedded linux box (openwrt): I would like to generate a script on my main (Debian/Sarge) box for the tiny box (so tiny that bash cannot be installed, so unfortunately I cannot install FireHOL). Any idea?
Thanks in advance, Jerome
If by no bash you mean that you don't have bash but you still have /bin/sh then here is what I use. It is very basic and uses no advanced shell script constructs.
#! /bin/sh
iptables -F
iptables -X
iptables -N block
iptables -A INPUT -p udp -m udp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j block
iptables -A FORWARD -j block
iptables -A block -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A block -i ! eth0 -m state --state NEW -j ACCEPT
iptables -A block -j DROP
It is just a series of statements. If you have simple requirements (like me), this should be enough. It allows only inbound SSH, and nothing over any connection other than eth0. Incidentally, I use this for my laptop since it is normally behind my firewall at home, but I occasionally take it outside.
-Roberto Sanchez
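For the original question of generating the script on another machine, here is an added example (not part of either message in this thread): a generator that uses only POSIX /bin/sh constructs, validates its inputs, and emits the same rules as the reply above. The function name gen_rules and its WAN_IF PROTO:PORT argument format are assumptions of this example.

```shell
#!/bin/sh
# Added example: emit a plain /bin/sh firewall script for a box without bash.
# gen_rules and its argument format are assumptions of this example.

# gen_rules WAN_IF PROTO:PORT...
# Prints the script on stdout; returns 1 (printing nothing) on bad input.
gen_rules() {
    [ $# -ge 1 ] || { echo "usage: gen_rules WAN_IF PROTO:PORT..." >&2; return 1; }
    wan=$1
    shift
    # The output runs as root on the router, so refuse anything that is not
    # a plain interface name or proto:port pair before emitting a line.
    case $wan in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $wan" >&2; return 1 ;;
    esac
    for svc in "$@"; do
        proto=${svc%%:*}
        port=${svc#*:}
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol in: $svc" >&2; return 1 ;;
        esac
        case $port in
            ''|*[!0-9]*|??????*) echo "bad port in: $svc" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $svc" >&2; return 1
        fi
    done

    echo '#! /bin/sh'
    echo 'iptables -F'
    echo 'iptables -X'
    echo 'iptables -N block'
    for svc in "$@"; do
        proto=${svc%%:*}
        port=${svc#*:}
        echo "iptables -A INPUT -p $proto -m $proto --dport $port -j ACCEPT"
    done
    echo 'iptables -A INPUT -j block'
    echo 'iptables -A FORWARD -j block'
    echo 'iptables -A block -m state --state RELATED,ESTABLISHED -j ACCEPT'
    echo "iptables -A block -i ! $wan -m state --state NEW -j ACCEPT"
    echo 'iptables -A block -j DROP'
}

# Reproduces the script from the reply above.
gen_rules eth0 udp:22 tcp:22
```

Redirect the output to a file on the Debian box, review it, then copy it to the router.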