Arthur Poirot
05-29-2006, 12:44 AM
3 or 4 years ago, Guarddog didn't exist and I wrote a stateful firewall with Daniel Robbins' instructions on IBM's site and a few hacks I got on the net. Until now, it seems the firewall works quite well and, if I switch to Debian/Knoppix, I would like to keep it and install it the right way in Debian/Knoppix.
In Slackware, things are easy. Let's say I'm a real ignorant about Linux, which is quite exact, and all I've read is the Linux Pocket Guide. How do I learn to install a firewall?
If I look in /etc/rc.d/, there are 2 files that look like the way geeks could name files pertaining to internet: rc.inet1 and rc.inet2.
So I:
less rc.inet1
and the first line in the file says:
"This script starts up the base networking system."
This might be it! Let's see.
cat rc.inet1 | grep -i firewall
Nothing. Too bad. Let's see the other file:
cat rc.inet2 | grep -i firewall
returns:
if [ -x /etc/rc.d/rc.firewall ]; then
/etc/rc.d/rc.firewall start
# required if you plan to use your Linux machine as a router or firewall.
The first 2 lines seem interesting. It says that if I've got a file called /etc/rc.d/rc.firewall and it is executable, it should be start-ed. So... normally, the file must be written this way:
start ()
{
iptables commands
}
start
I believe that's it in pretty much plain English. I know which file asks that the firewall be started, I know how the firewall is usually called, so that if another sysadmin replaces me he can find the file in no time at all. And I know that it should be chmoded x.
Bingo! No need to look on the net. EVERYTHING is there, all instructions available in a matter of minutes. Can anybody tell me how to find information this way in Debian/Knoppix? This is how I'd like to start my firewall, despite there being apparently a 1000 other ways to do it.
Regards!
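
An added example, not part of the original post: a minimal rc.firewall in the shape the rc.inet2 lines quoted above expect, reading the "start" argument that rc.inet2 passes. The rule set (default-deny inbound, loopback, replies to established connections), the function names and the IPT dry-run variable are assumptions, not the poster's firewall.

```sh
#!/bin/sh
# rc.firewall sketch (constructed example, not the poster's script).
# rc.inet2 runs "/etc/rc.d/rc.firewall start" when this file is executable,
# so the script dispatches on its first argument.
# Assumed policy: a workstation that offers no inbound services.

# Dry run: IPT="echo iptables" prints the rules instead of applying them.
IPT=${IPT:-iptables}

fw_start() {
    # Default-deny first, so nothing is left open while the rules load.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT
    # Clear old rules and user-defined chains in the filter table.
    $IPT -F
    $IPT -X
    # Loopback traffic is always allowed.
    $IPT -A INPUT -i lo -j ACCEPT
    # The stateful part: accept only replies to connections this host opened.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

fw_stop() {
    # Flush and accept everything: the host is unfiltered after this.
    $IPT -F
    $IPT -X
    $IPT -P INPUT ACCEPT
    $IPT -P FORWARD ACCEPT
    $IPT -P OUTPUT ACCEPT
}

fw_dispatch() {
    case "$1" in
        start)   fw_start ;;
        stop)    fw_stop ;;
        restart) fw_stop; fw_start ;;
        *)       echo "usage: rc.firewall {start|stop|restart}" >&2; return 1 ;;
    esac
}

# Act only when an argument was given, as rc.inet2 does with "start".
if [ "$#" -gt 0 ]; then fw_dispatch "$1"; fi
```

Running it once as `IPT="echo iptables" sh rc.firewall start` shows the exact commands before they are applied for real as root.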