[TriLUG] a quick firewall

Jon Carnes jonc at nc.rr.com
Wed Aug 13 13:18:17 EDT 2003


On Wed, 2003-08-13 at 12:08, Daniel Monjar wrote:
> I want to build an internal firewall that will sit between an Internet 
> connected device and my core switch.  I want this guy to pass transparently 
> everything it gets with the exception of certain IP ports.
> 
> Given a box with two net cards and a recent version of Linux this should be 
> easy, right?
> 
> Any pointers?
> 
> --
> Daniel Monjar
> Manager, Technical Services
> bioMérieux, Inc.
> Durham, NC US

You could use one of the many packages out there (Mandrake uses
Shorewall) or you could simply plug through the iptables rules for
excluding the ports you want dumped.

Shorewall basically does all this for you and logs any attempted
access.  I really like that, because it helps me troubleshoot.

Jon Carnes
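
An added example, not part of the original message: a shell function that emits an `iptables-restore` ruleset for the hand-written iptables approach mentioned above, forwarding everything except listed ports, which are logged and dropped. The `LOGDROP` chain name, the log prefix, and the sample ports are constructed for illustration. It assumes the box forwards traffic through the `FORWARD` chain, either as a router or as a bridge with bridge netfilter enabled.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset: forward everything, log and drop listed ports.
# Each argument is PROTO/PORT or PROTO/LOW:HIGH, for example tcp/135 or udp/137:139.

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;          # reject empty or non-numeric input
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_rules() {
    rules=""
    for spec in "$@"; do
        proto=${spec%%/*}
        ports=${spec#*/}
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol: $spec" >&2; return 1 ;;
        esac
        lo=${ports%%:*}
        hi=${ports#*:}
        valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] || {
            echo "bad port: $spec" >&2; return 1; }
        rules="$rules-A FORWARD -p $proto --dport $ports -j LOGDROP
"
    done
    # Default policy stays ACCEPT so all other traffic passes untouched.
    # LOGDROP (hypothetical chain name) rate-limits the log line, then drops.
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A LOGDROP -m limit --limit 6/minute -j LOG --log-prefix "fw-blocked: "
-A LOGDROP -j DROP
${rules}COMMIT
EOF
}

# Constructed sample ports; pipe the output to "iptables-restore --test" to check it.
gen_rules tcp/135 udp/137:139 tcp/445
```

Loading the output with `iptables-restore` replaces the whole filter table, so merge in any existing rules before applying it.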



