Easy to use - non Gui firewall

[jlc]

I'm not sure if you have used this before:

 

Arno's Iptables Firewall Script

 

 

 

Help/Installation

 

Read through all of that, but step 5 is what you are looking for dual-homed machines!

 

That should work for you.

 

 

Filtering by MAC address — The rule:

# /sbin/iptables -A FORWARD -m state --state \

 

NEW -m mac --mac-source 00:C7:8F:72:14 -j ACCEPT

allows only outgoing packets from a known MAC address, given in colon-separated hex notation.

[phunni]

Thanks that looks good - I'll take a look at it

[Gowator]

phunni the stuff I pasted is from MASQUERADING MADE SIMPLE.

I think we have the 20% rule here ... I know 20% more than you did ... but Im not an expert. I rely (too much) on webmin for IPTABLES (and even that isnt the best) but I used that script myself and it worked which is why i posted it for ya.

 

Try the rest of the doc.... Its on LDP.... and like I say only 8 pages :D

[phunni]

It's all sorted now - I have a firewall set up exactly how I'd like it now - using arno's firewall

 

The slow email looked like it was a problem with the mail server trying to authorise me via port 113 and waiting till it timed out - however it ultimately turned out to be xinetd doing something odd everytime I tried to connect - it's been sorted out server side now, so my firewall is still rock solid and DENYing everything :D

[jlc]

sweet!