fmmarzoa@vivaldi:~ > rpm -ql ipchains | grep ps /usr/doc/packages/ipchains/ipchains-quickref.ps fmmarzoa@vivaldi:~ > Try that document too, it was *a lot* of useful for me (I didn't need more information). Steffen Dettmer wrote:
* KULISHdotCOM wrote on Tue, Mar 14, 2000 at 20:11 -0600:
Guess I should have made that a little clearer ;).
Guess you're right ;) Well, I'm not an ipchains guru or so, but I'll try to answer anyway...
I am wanting to figure this out from scratch.
Yepp, that's not a bad way...
I recommend [...] MS Proxy depending upon the situation.
BTW: Have you ever seen such a situation ?? :) SCNR.
Being able to configure ipchains from scratch would be a great solution for clients on a limited budget.
Well, so just do it :) ipchains should come with a man page describing the syntax you have to use. You want to reject/deny everything not exlicitly allowed, so you would set up your default policy as reject/deny (ipchains -P). If you start with flushed chains (ipchains -F), you need to append your rules only (ipchains -A .... -j ACCEPT). Finally you want to log all rejected packet. So you append a log rule at last (i.e. ipchains -A -l -j REJECT). If you have problems that are more specific, or some error messages or so, you would get more informations here I think ;)
I don't know anything about the SuSE Scripts (once upon a time I took a look and could understand it just in time - so it was not my choice for security).
oki,
Steffen
-- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Francisco M. Marzoa Alonso Nuevo Mundo - Dpto. Informático ICQ#: 62850923 Henri Dunant, 19 - 28036 Madrid tfno: +34 91 343 18 40 ext. 207 España / Spain fax: +34 91 350 28 45