[MLB-WIRELESS] IP Tables.
Zoi Jones
zoiqq at yahoo.com.au
Wed Apr 6 12:13:47 EST 2005
Ok,
So I need to setup my p2-333 with SHOREWALL maybe ?
Is that a distro or a package to install onto some
other distro ?
If its a distro in itself where can it find it ?
If its a package (which from my googleing it appears
it is) which distro is 'ease of install and setup' for
this linux noob ?
Still Hopeing to be at this Fridays meeting, I'll be
the one looking very dopey, (oh hang-on thats most of
us).
Maybe one month I'll just bring the whole machine and
get someone at the meeting to set it up ;)
Phil.
--- Donovan Baarda <abo at minkirri.apana.org.au> wrote:
> On Wed, 2005-04-06 at 01:11 +1000, sanbar wrote:
> > Phil NodeHPL wrote:
> [...]
> > > IP Tables.
> >
> > Ooh. The black art of firewalling. Werd.
> [...]
> > Firewalling ain't easy, as you really need to know
> what you are doing to
> > get a system secure. If you want to learn it,
> start with someone else's
> > (a really good starting point is a script at
> >
>
http://orbital.wiretapped.net/~technion/iptables.txt),
> pull it apart,
> > break it, and put it back together.
> > Some people are paid a lot of money (unless they
> work for Dodo) to sort
> > out the problem you've just described, and I
> haven't even scratched the
> > surface of stuff such as network address
> translation, shutting down
> > unnecessary services, mac filtering and so on.
> This level of network
> > control is hard to do for a beginner, and even
> harder to get right.
> [...]
>
> I'm amazed people still even consider writing
> iptables rules. There are
> tons of decent firewall packages out there that will
> do it all for you.
> Why re-invent the wheel when you can focus on
> tweaking the car.
>
> I like shorewall, because it makes simple things
> easy, but can handle
> complex setups (I had static IP ISDN, dynamic IP
> ADSL, public wireless,
> local LAN, and dialin modems all at once, with dual
> load-balanced
> default routes, source based routing, and
> wondershaper traffic shaping;
> 6 different zones in all).
>
> --
> Donovan Baarda <abo at minkirri.apana.org.au>
> http://minkirri.apana.org.au/~abo/
>
>
Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list