
Re: IPtables...



I think you may want to test out your firewall...I don't think that
IPtables comes with any real default rules. I would go over to
www.grc.com and to their shields up test. Focus on the results of the
"probe my ports" test, if things come up stealth, then IPtables is
likely firewalling for you, if ports come up open or closed, then
IPtables is likely not packet filtering.

jason

On Sun, 06 Jan 2002, Alexander Wallace wrote:
> Thanks Jason! Each time I do a new thing, the more I realize I know very
> little....
> 
> I entered the rules for IPTables by hand, and everything seemed to have
> worked, except, after a while, I realized I was not getting any email! I
> created the file in /etc/inet.d and link in /etc/rc2.d in place 40, I
> thought that would be good.. not knowing any better I rebooted and
> NOTHING WORKED! Quickly I deleted the link and again not knowing any
> better I rebooted... This time a whole bunch of rules, that I assume
> were default rules loaded and everything works and I'm receiving emails
> again (whew!)... I assume the default rules may not be too secure... I'll
> have to learn a bit more about iptables before messing with them
> again....
> 
> Thank you!
> 
> On Mon, 2002-01-07 at 02:18, [email protected] wrote:
> > The file name in init.d is irrelevant, the link name in rc2.d is not. It
> > must have the form "SXXwhateverelsehere", the SXX (where XX is the two
> > digit number representing the order in which the scripts are run) is the
> > important part. The number that you select is not trivial. For example,
> > if you start it too early, there might be certain services up and running
> > that are required. For example, before you can load your firewall, the
> > networking support needs to be started. A common way of handling this is
> > to make a S99local link in rc2.d that points to a file (normally called)
> > local in init.d. In local you can run whatever extra things you want
> > started at boot, and pretty much be assured that everything else that is
> > important is started prior to its running. For example, in my local
> > script, I start my adsl-connect, load the firewall (I start my firewall
> > immediately after the connection is made, to minimize the time when
> > there is a connection without a firewall...if I had a static IP, I
> > would start it prior to connecting), update my dns server, then run a
> > few other things, like loading kernel modules for sensors, so I can know
> > the temperature of my MB and CPU, as well as my fan speeds (they are
> > displayed in gkrellm).
> > 
> > Hope that gets you started
> > 
> > jason
> > 
> > 
> > On Sun, 06 Jan 2002, Alexander Wallace wrote:
> > > Hello there! Ok I got the libra gateway working! It was much easier than
> > > I thought it would be...
> > > 
> > > I have a quick question... What should I do to have the rules for
> > > iptables load automatically at startup? What file should I use? Where?
> > > 
> > > I read something about placing a file in /etc/init.d and then link from
> > > /etc/rc2.d. I just want to make sure. I guess the file name is
> > > unimportant right? and, does it matter if my connection is supposed to be
> > > dynamic? 
> > > 
> > > Also, my external adapter (eth1) is connected to a roadrunner modem,
> > > when I was doing the rules for ip tables, I gave the static IP for the
> > > external adapter... How do I tell IP tables that eth1 uses dhcp?
> > > 
> > > Thanks! 
> > > 
> > > -- 
> > > The archive is at https://www.libranetlinux.com/archive.html
> > > To unsubscribe, send email to [email protected]
> > > with a subject of UNSUBSCRIBE.
> > 
> 
> 

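The SXX link naming and start-order points discussed in this thread can be checked before a reboot; the following is an added example, not code from any poster. The function names and the script names passed to it (for instance `firewall` and `networking`) are assumptions, as is the networking start link living in the same runlevel directory.

```shell
# Added example, not from the thread. Script names passed in are assumptions.
rc_seq() {                       # "S40networking" -> 40, "S08x" -> 8
    n=${1#S}
    n=${n%"${n#??}"}             # keep only the two-digit sequence number
    echo "${n#0}"                # drop a leading zero so test(1) sees plain decimal
}

# check_fw_link RCDIR FW_SCRIPT NET_SCRIPT
# returns 0 ok, 1 no firewall link, 2 link name not SXXname, 3 starts too early
check_fw_link() {
    rcdir=$1; fw=$2; net=$3
    fw_link=''; net_link=''
    for path in "$rcdir"/*; do
        [ -L "$path" ] || continue               # only symlinks count
        target=$(readlink "$path")
        case ${target##*/} in                    # compare on the init.d file name
            "$fw")  fw_link=${path##*/} ;;
            "$net") net_link=${path##*/} ;;
        esac
    done
    if [ -z "$fw_link" ]; then
        echo "no link to $fw in $rcdir: firewall is not started in this runlevel"
        return 1
    fi
    case $fw_link in
        S[0-9][0-9]?*) ;;
        *) echo "$fw_link: not of the form SXXname described in the thread"
           return 2 ;;
    esac
    case $net_link in
        S[0-9][0-9]?*) ;;
        *) echo "$fw_link: name ok; no $net start link here, order not checked"
           return 0 ;;
    esac
    if [ "$(rc_seq "$fw_link")" -le "$(rc_seq "$net_link")" ]; then
        echo "$fw_link runs before or alongside $net_link: rules may fail to load"
        return 3
    fi
    echo "$fw_link runs after $net_link"
}
```

Call it as `check_fw_link /etc/rc2.d firewall networking`, substituting the real script names on the system being checked.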