Hi, I have aked kind of the same question regarding iptable last week. Look through replies and you'get an idea on how to start with your own iptables scripts from scratch :-)
Regards, Yuriy ---------- Forwarded message ---------- From: J.A. de Vries <[EMAIL PROTECTED]> Date: Jul 4, 2005 9:40 AM Subject: Re: iptables related query To: debian-user@lists.debian.org On 2005-07-03 @ 21:40:06 (week 26) Mal Beaton wrote: > I prefer to use sub chains to identify from the internet or from > internal etc I do too, but as the corresponding webpage states: <quote> Note that this ruleset is written with readability and clearness in mind so anyone can fathom it. Thus it is optimized for understandability and not for speed. For a standard workstation or a server with limited amounts of traffic that won't pose any problem. In an environment with huge amounts of traffic or where Network Address Translation is used a more complicated ruleset will be needed. </quote> I might redo it though (if I find the time)... > I also learnt from a very experienced firewall administrator to use the > long switches so anyone else can easily read the scripts That's very sound advice, which I couldn't agree with more. Grx HdV -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
