On Wed, 18 Jun 1997, Philippe Troin wrote: > On Wed, 18 Jun 1997 10:55:41 EST [EMAIL PROTECTED] > wrote: > > One wants a firewall to > > 1. not require logging into the firewall computer itself (TIS requires ............ > I have an `industrial' firewall working out there, fully in the kernel (with > ipfwadm). It masquerades all outbound connections (currently all, but you can > choose which ports to forward and/or allow outbound connections), and refuses > all outside connections except for mail, DNS and http. It also checks for > spoofing (correct addresses on correct interfaces). > >From the user, the only constraint is that he has to use passive ftp. > >Everything else is completely transparent. > > Ipfwadm is hard to figure out at the first glance, but it's really powerful. > > Phil. >
Sorry to jump in with a basic Ipfwadm question, but it seems appropriate. I was wondering if someone might tell me the best place to put ipfwadm commands into my boot procedure. I have a linux box, with two ethernet cards(cable modem/local net), it serves as a masquerading, forwarding, ect, for a dual boot machine(debian/win95). The documentation available was great, and everything works fine despite old cheap nic cards dug out of a box for ten bucks, and my lack of experience. :-) Only thing I haven't automated is the typing in of my basic ipfwadm commands. Can I just throw them at the end of my /etc/init.d/network? Is there a better place? Thanks. Rich M [EMAIL PROTECTED] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
