Hi list, I need to configure a IPTABLES-based Linux router. Has anyone a sample script to do this to win some time ??? Any help would be appreciated Best regards
Have you considered fwbuilder? It makes firewall rules very simple to develop. On Wed, 2003-11-26 at 16:27, Luc MAIGNAN wrote:
Hi list,
I need to configure a IPTABLES-based Linux router. Has anyone a sample script to do this to win some time ???
Any help would be appreciated
Best regards
On Wed, 2003-11-26 at 23:27, Luc MAIGNAN wrote:
Hi list,
I need to configure a IPTABLES-based Linux router. Has anyone a sample script to do this to win some time ???
Any help would be appreciated
Best regards Have you checked netfilter.org?
-- -- Raymond Leach <raymondl@knowledgefactory.co.za> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Am Mittwoch, 26. November 2003 22:27 schrieb Luc MAIGNAN:
Hi list,
I need to configure a IPTABLES-based Linux router. Has anyone a sample script to do this to win some time ???
Any help would be appreciated
Best regards There are several.
1) Probably the easiest way (but not always the best) ist SuSEfirewall2, configured via /etc/sysconfig/SuSEfirewall2. This file offers few possibilities, but might be enough for most cases. A good hint is to use an external script - see /etc/sysconfig/scripts/SuSEfirewall2-custom or the following documentation for details: ----------------- /usr/share/doc/packages/SuSEfirewall2 /usr/share/doc/packages/SuSEfirewall2/CHANGES /usr/share/doc/packages/SuSEfirewall2/EXAMPLES /usr/share/doc/packages/SuSEfirewall2/FAQ /usr/share/doc/packages/SuSEfirewall2/LICENCE /usr/share/doc/packages/SuSEfirewall2/README /usr/share/doc/packages/SuSEfirewall2/SuSEfirewall2.sysconfig /usr/share/doc/packages/SuSEfirewall2/SuSEfirewall2.sysconfig.EXAMPLE /usr/share/doc/packages/SuSEfirewall2/TODO /var/adm/fillup-templates/sysconfig.SuSEfirewall2 /var/adm/fillup-templates/sysconfig.personal-firewall ----------------- My problem with SuSEfirewall2 was: it seemed impossible to get Masquerading to work with ipsec-VPN. So i had to turn off the Masquerading in /etc/sysconfig/SuSEfirewall2 and turn it on with my own rules in SuSEfirewall2-custom. 2) ipcop comes as an iso-image, is suited especially for an old machine bound to spend the rest of its life as a router-firewall, has many options and is easy to be installed - but it normally deletes the whole disk at install. 3) I can also recommend shorewall, also because you can easily configure it with webmin - but beware: - don't let webmin be running all the time! just login on the machine, start webmin with the /etc/init.d/webmin start and then log in to port 10000. - don't ever use webmin without ssl encryption !!!! there were some bugs last year in the session management and other parts, which could be fatal, especially without ssl. 4) the best solution is surely: buy a good book about firewalls and build your own script - there are many good examples online. I hope i could help you! -- Mit freundlichen Grüßen Markus Feilner -- Linux Solutions, Training, Seminare und Workshops - auch Inhouse Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg fon: +49 941 70 65 23 - mobil: +49 170 302 709 2 web: http://feilner-it.net mail: mfeilner@feilner-it.net
Markus Feilner wrote:
Am Mittwoch, 26. November 2003 22:27 schrieb Luc MAIGNAN:
Hi list,
I need to configure a IPTABLES-based Linux router. Has anyone a sample script to do this to win some time ???
Any help would be appreciated
Best regards
iptables-save, iptables-restore? -- Best regards, Maxim Cherniavsky MTU-Intel, Internet Department mailto:maxim@mtu.ru
participants (5)
-
Luc MAIGNAN -
Markus Feilner -
Maxim Cherniavsky -
Quintin Womack -
Ray Leach