Hello Gordon,

Sorry, my reply wasn't directed to you, but the original poster of the
message - my *happy* finger absent-mindedly clicked the
button...habit.

badger

Thursday, June 01, 2000, 9:31:35 PM, you wrote:

b> Hello Gordon,

b> Thursday, June 01, 2000, 11:51:10 AM, you wrote:

GM>> Duncan Hill wrote:
>>> Has anyone got a basic rule or three that I can springboard off of?
>>> Or are more details needed?

GM>> You could try the script that I use.  Get it from:
GM>> ftp://duke.eburg.com/pub/linux/init.firewall

GM>> Should be really easy to set up.  At the beginning of the file, there
GM>> are a few environment variables that you have to set.  I believe that
GM>> the following should work for you:
GM>> PARANOID_DEV="eth0"
GM>> PARANOIA_ALLOWS_PORTS="22 80"
GM>> HOSTS_ALLOW="10.0.0.0/24()-10.0.0.5(:1024)"

GM>> where: "eth0" is your ethernet interface, "10.0.0.0/24" is the address
GM>> that your lan is using, and "10.0.0.5" is your own IP address. 

GM>> Comment out the "MASQ_NET" variable, since you aren't a router.

GM>> Then, 'mv init.firewall /etc/rc.d/init.d/firewall' and turn it on with
GM>> 'ntsysv'.  You can run it yourself like any other init script,
GM>> '/etc/rc.d/init.d/firewall start'

GM>> MSG



b> While you're at it, look into ipmasqadm for doing port translation
b> from outside to inside machines.




-- 
Best regards,
 badger                            mailto:[EMAIL PROTECTED]


