Re: [Hampshire] iptables query

Author: john lewis
Date:  
To: hampshire
Subject: Re: [Hampshire] iptables query
On Wed, 21 Apr 2010 23:32:04 +0100
Chris Dennis <cgdennis@???> wrote:

> Keith Edmunds wrote:
> > Life is too short to write iptables rules by hand.
>
> True.
>
> > We use Shorewall, which
> > is excellent so long as you're happy with a non-GUI,
> > configure-by-editing-files tool.
>
> I get on better with Firehol, which is similar to but different from
> Shorewall.


I looked at several of these 'tools' for writing iptables rules and
thought them a bit over the top for a single server which collects and
passes on via my ISP any emails sent to a specific email address, serves
up static web pages generated by geneweb and provides a gallery of
pictures. I need ssh access to the server and to stop anyone else from
accessing it for anything else.

However I am not sure my handwritten table is secure/comprehensive
enough. Could I use shorewall, firehol etc to generate iptables on my
local system then scp them to the server?

I realised I need to do something to make my server more secure as a
result of a long thread on the bitfolk user list.

--
John Lewis
using Debian sid
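
One way to check a handwritten ruleset like the one asked about above against the stated policy (ssh, mail and web in, everything else dropped). This is an added example, not part of the original message: the ruleset is constructed, ports 22, 25 and 80 are assumptions about the services described, and `audit` and `opt` are hypothetical helper names. It reads only filter-table INPUT rules and chain policies.

```python
import shlex

# Constructed ruleset in iptables-save format for the server described above.
# Assumed ports: 22 (ssh), 25 (incoming mail), 80 (web pages and gallery).
RULES = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
"""
ALLOWED = {("tcp", "22"), ("tcp", "25"), ("tcp", "80")}

def opt(tok, flag):  # value following an option flag, or None if absent
    return tok[tok.index(flag) + 1] if flag in tok else None

def audit(ruleset, allowed=ALLOWED):
    """Return findings for the filter table; an empty list means it passed."""
    findings, policy, opened, stateful = [], {}, set(), False
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if line.startswith(":"):                      # ":INPUT DROP [0:0]"
            policy[tok[0][1:]] = tok[1]
        elif tok[:2] == ["-A", "INPUT"] and opt(tok, "-j") == "ACCEPT":
            state = opt(tok, "--state") or opt(tok, "--ctstate") or ""
            if opt(tok, "-i") == "lo":
                continue                              # loopback traffic
            if "ESTABLISHED" in state and "NEW" not in state:
                stateful = True                       # replies to our own traffic
            elif opt(tok, "--dport"):
                opened.add((opt(tok, "-p"), opt(tok, "--dport")))
            else:                                     # includes multiport/--dports
                findings.append("ACCEPT not tied to one port: " + line)
    for chain in ("INPUT", "FORWARD"):
        if policy.get(chain) != "DROP":
            findings.append(chain + " policy is not DROP")
    if not stateful:
        findings.append("no RELATED,ESTABLISHED rule")
    findings += ["unexpected open port %s/%s" % (p, proto) for proto, p in sorted(opened - allowed)]
    findings += ["expected port not open %s/%s" % (p, proto) for proto, p in sorted(allowed - opened)]
    return findings

if __name__ == "__main__":
    print(audit(RULES) or "ruleset matches the intended policy")
```

Feed it the output of `iptables-save` from the server to audit the live rules. For a ruleset file copied over with scp, `iptables-restore --test` parses it without committing anything.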