Question about iptables in Debian
John Heim
jheim at math.wisc.edu
Fri Nov 17 08:29:00 EST 2006
Configuring iptables is not for the faint of heart. More power to you if as
a newbie, you're already at that stage. But you might consider downloading a
package for configuring a firewall rather than trying to configure iptables
yourself.
I personally cannot recommend a package because I've been configuring my
firewall manually since before there was iptables. There used to be
something called ipchains that did something similar.
But if you find a nice, easy to use package, let me know. I haven't messed
with my firewall in ages and it could probably be improved. Actually, an
explanation of what I do might be useful here.
I have a shell script called firewall. What it does is clears the iptables
rules and reloads them one at a time. So instead of typing in iptables
commands to add rules, instead, I edit this script and re-run it. Then, when
I'm satisfied that it does what I want, I run iptables-save, redirect the
output to a file, and then when I restart nnetworking, I have it set up to
restore the rules from that file.
In debian, that last thing can be done by adding a line to
/etc/networking/interfaces. In the eth0 section I have something like:
POST-UP /sbin/iptables-restore /etc/networking/iptables.rules
The beauty of this method is that if I mess up the firewall script, say I
add a rule that locks me out, I can reboot and it automatically goes back to
the old rules.
----- Original Message -----
From: "Christian" <christian08 at runbox.com>
To: <speakup at braille.uwo.ca>
Sent: Thursday, November 16, 2006 5:26 PM
Subject: Re[2]: Question about iptables in Debian
> Hi,
> Thanks for that. I dont have any web/sshd/ftp server running. Since I am
> still learning this i have to ask. I am still using Windows most of the
> time but would really like to be able to use Linux more and more.
> Many thanks,
> Christian
>
>
> On 2006-11-16 at 13:44 John Heim wrote:
>
>>I don't think any rules are installed by default. But you can see which
>>rules are in effect by
>> rrunning iptables-save.
>>
>>----- Original Message -----
>>From: "Christian" <christian08 at runbox.com>
>>To: <speakup at braille.uwo.ca>
>>Sent: Thursday, November 16, 2006 1:00 PM
>>Subject: Question about iptables in Debian
>>
>>
>>> Hi all,
>>> When installing Iptables, are some basic rules created? I suppose that I
>>> have no firewall installed at this time when making a new install of
>>> Debian. Running the Etch version.
>>> Many thanks,
>>> Christian
>>>
>>>
>>> _______________________________________________
>>> Speakup mailing list
>>> Speakup at braille.uwo.ca
>>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>>
>>>
>>
>>
>>_______________________________________________
>>Speakup mailing list
>>Speakup at braille.uwo.ca
>>http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
>
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
More information about the Speakup
mailing list