I've got my handy-dandy firewall up and running with iptables. However I'm always looking for a better way to lock it down. Can anyone send me a "here's mine" or close for something that does this:
  Allows all outbound new connections from inside on my 192.168.0.0/24 (or the IP of ETH0 on my firewall?)
  Allows all connections to my firewall from 192.168.0.0/24
  Drops all packets inbound from the internet except:
    http
    ssh
    ftp
  Logs all dropped attempts/scans to a different syslog title so I can save it off to a different file?

I've got everything but the logging working from man pages, examples, etc. but there's always the "it'd be better if...." I'm looking for. I'll be happy to share the final outcome for any others wanting. When done I'll send a "hey, I got this, let me know if you want it".

Robert

:wq!
---------------------------------------------------------------------------
Robert L. Harris

DISCLAIMER:
  These are MY OPINIONS ALONE. I speak for no-one else.
FYI:
  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
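A ruleset matching the policy listed in the message above, as an added example that is not part of the original post. It assumes eth0 is the LAN side and eth1 the internet side, that http, ssh and ftp are served by the firewall host itself, and a constructed log prefix `FW-DROP: `; NAT for the LAN is not covered.

```shell
#!/bin/sh
# Added example: emits an iptables-restore ruleset for the policy in the post.
# Assumptions (not from the post): eth0 = LAN side, eth1 = internet side,
# services run on the firewall itself, log prefix "FW-DROP: " is made up.
LAN_IF="${LAN_IF:-eth0}"
WAN_IF="${WAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.0.0/24}"
LOG_PREFIX="${LOG_PREFIX:-FW-DROP: }"

gen_rules() {
cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
# Replies to traffic already allowed (FTP data needs the nf_conntrack_ftp helper).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j LOGDROP
-A INPUT -i lo -j ACCEPT
# Everything from the LAN to the firewall itself.
-A INPUT -i ${LAN_IF} -s ${LAN_NET} -j ACCEPT
# A LAN source address arriving on the internet side is spoofed.
-A INPUT -i ${WAN_IF} -s ${LAN_NET} -j LOGDROP
# Internet side: only new ftp, ssh and http connections.
-A INPUT -i ${WAN_IF} -p tcp --syn -m multiport --dports 21,22,80 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -j LOGDROP
# New outbound connections from the LAN, and their replies.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${LAN_IF} -o ${WAN_IF} -s ${LAN_NET} -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -j LOGDROP
# Rate-limited log line with a distinct prefix, then drop.
-A LOGDROP -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "${LOG_PREFIX}" --log-level 4
-A LOGDROP -j DROP
COMMIT
EOF
}

# Print the ruleset when asked; validate with: gen_rules | iptables-restore --test
if [ "${1:-}" = "print" ]; then gen_rules; fi
```

The LOG target writes to the kernel log, so the prefix is what a syslog daemon with content filtering can match on to send these lines to their own file.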