Grant <[EMAIL PROTECTED]> writes: >> > iptables -P INPUT DROP >> > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT >> > iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT >> >> This line is only needed if you want to forward packets to another >> iface/device (i.e. when your laptop is acting as a router and the input >> interface is eth0). > > Alright I guess I'll just set up shorewall on the laptop with a config > similar to the router's. Maybe I'll set up shorewall on the other > system in my local network while I'm at it.
Wait... I'm pretty sure there are a few lines of IPTABLES code that will do what you want. I remember using something with IPTABLES that made any connections from internet only happen in response to requests from your localhost. I don't remember the lines now but someone might post it. Wouldn't the above and not running any unnecessary services be pretty good protection for what your after? I've hooked up to many networks while traveling without anything at all (Except not running any unnecessary services) with windows based laptop and never had a bit of trouble. So I'd expect a linux based host to do even better. -- [EMAIL PROTECTED] mailing list
