He has a website with a firewall building tool that works pretty well.
http://www.linux-firewall-tools.com/linux/firewall/index.html

Chris Gahlon

mikehaarman wrote:
> There is an excellent book on just this topic by a fellow named Robert
> L. Ziegler, published by New Riders and called _Linux Firewalls_.
>
> A good general discussion of the issues and a couple of good recipes.
>
> Also some useful resources at openna.com. Gmourani's book has some
> ipchains recipes as well.
>
> mike
>
> On Sat, 4 Nov 2000, Troy Telford wrote:
>
> > Having looked and not found, I'm asking here:
> >
> > Is there any place where I can find a general ruleset for a firewall?
> >
> > And, moreover, while many howto's mention how to specify a rule for a
> > ruleset, they do not specify *what* rules are good/bad/ugly, etc.
> >
> > For instance:
> >
> > Even though packets coming from an FTP port are allowed (supposedly to
> > allow FTP downloads...), apt-get is unable to function properly.
> >
> > Moreover, I have no idea what 'good' ruleset would simply allow FTP
> > requests from my machine (such as those made by an FTP client on my
> > machine, apt-get, etc.) yet remain reasonably secure. And, in my case, I
> > have incoming FTP disabled, but is there a way to block packets at the
> > firewall (from people requesting FTP services on my computer), while
> > allowing my FTP requests to go unhindered?
> >
> > In fact, I couldn't really find any good information on general firewall
> > construction. I could find information on how to set a rule for the
> > firewall; but now I need to find information on *what* kind of rules are
> > good, and why (and what is bad, and why).
> >
> > Another example: From what I understand, all TCP/UDP ports above 1024
> > are 'user' ports, and have no services attached to them. What kind of
> > possible security problems/other risks are involved by having these
> > ports essentially 'open' to the world? What is the tradeoff with
> > closing them off?
> >
> > For my particular situation, the computer is connected directly to the
> > internet on a campus network. I want to be able to have a good 'basic'
> > firewall ruleset that will allow me to do my normal tasks as though
> > there were no firewall active, yet filter out all incoming connection
> > requests (such as telnet, ftp, etc.). I'm running kernel 2.4.0-test9; I
> > have iptables figured out and can apply rulesets just fine. It's
> > knowing what rules make sense and what ones don't that I need help on.
> >
> > I'm more interested in learning how to create a good firewall than
> > simply having one. (So I can make one from scratch should I ever have a
> > specific need.)
> >
> > Thanks for any help offered. I hope I didn't run in too many circles!
> >
> > -Troy
> >
> >
> > --
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
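The kind of 'basic' ruleset Troy asks for, as an added example that is not from any poster in the thread: stateful filtering with iptables on a 2.4 kernel, where connection tracking (plus the ip_conntrack_ftp helper) is what lets apt-get and FTP clients work while every unsolicited inbound connection, on any port including the >1024 range, is dropped. Assumed: the iptables binary is on PATH (override with IPT=...), the ip_conntrack_ftp module is available, and the script is run as root only when given the argument `apply`; otherwise it only prints the commands.

```shell
#!/bin/sh
# Added example (not from the thread): minimal stateful iptables ruleset for a
# single host on a hostile network. Assumes Linux 2.4 iptables with conntrack.
IPT=${IPT:-iptables}   # assumed name/path of the iptables binary

# Emit the rules as shell commands so they can be reviewed before applying.
firewall_rules() {
    # FTP helper: watches PORT/PASV on the control channel and marks the
    # resulting data connection RELATED, so active and passive FTP (apt-get,
    # ftp clients) work without leaving any port permanently open.
    echo "modprobe ip_conntrack_ftp"
    # Start clean; deny all unsolicited inbound traffic by default.
    echo "$IPT -F INPUT"
    echo "$IPT -P INPUT DROP"
    echo "$IPT -P FORWARD DROP"
    echo "$IPT -P OUTPUT ACCEPT"
    # Local processes talk to each other over loopback.
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    # The key rule: accept replies to connections this host initiated, and
    # RELATED traffic (FTP data, ICMP errors), whatever port they arrive on.
    # A fresh SYN to a high port never matches and falls to the DROP policy.
    echo "$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "$IPT -A INPUT -m state --state INVALID -j DROP"
    # No telnet/ftp/ssh listeners are exposed: add an explicit
    # '-p tcp --dport N -j ACCEPT' here only for a service you mean to offer.
    # Keep a rate-limited log of what the default policy discards.
    echo "$IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix 'fw-drop: '"
}

# Number of rules that open a listening port to the world (0 for this profile).
exposed_services() {
    firewall_rules | grep -c -- '--dport' || true
}

if [ "${1-}" = "apply" ]; then
    firewall_rules | sh -e        # needs root
else
    firewall_rules                # dry run: print the commands only
fi
```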