IPtables configuration script

Networking/Security Forums -> UNIX // GNU/Linux

Author: Jason    Posted: Wed Dec 18, 2002 7:44 pm    Post subject: IPtables configuration script
    ----
Hi all,

I am looking for a command line script that configures IPTABLES on a RH8 box (bash shell).

The script should have support for DDOS protection, and Packet Forwarding as the box will act as a gw. Should allow me to configure some settings, such as which ports to allow inbound.

Perl is available on the box.

Any Suggestions / recommendations Please...

Cheers, J

Author: b4rtm4n    Location: Bi Mon Sci Fi Con    Posted: Sat Dec 21, 2002 9:42 pm    Post subject:
    ----
A reading recommendation .....

Linux Firewalls 2nd Edition from New Riders press.

Covers most of what u need!

Author: Jason    Posted: Sat Dec 21, 2002 9:48 pm    Post subject:
    ----
Cool.

Doing it all with IPTABLES is not really a problem, other than the fact it takes a long time...

There are many scripts such as NARC, that you just change a few settings to suit your needs, then it creates all of the iptables rules for you.

After that simply dump "iptables-save > /etc/sysconfig/iptables" to save them.

"5 minutes and you're done"

Looking for something like that...

Cheers, J

Author: b4rtm4n    Location: Bi Mon Sci Fi Con    Posted: Sun Dec 22, 2002 1:38 am    Post subject:
    ----
been there n tried that using ipchains!

The N R web site had the core scripts available for d/l'ing.

Don't want to do the lazy "config script" option here. Best to build your own on the "whatever isn't allowed is blocked" basis.

Gotta get hard on ip access!

Author: delete852    Location: Washington DC    Posted: Sun Dec 22, 2002 3:52 pm    Post subject:
    ----
I just want to ask something really quick, in iptables you specify the packets that you want to come through, or you specify the ones you want to deny?

Author: Jason    Posted: Sun Dec 22, 2002 4:02 pm    Post subject:
    ----
delete852 wrote:
I just want to ask something really quick, in iptables you specify the packets that you want to come through, or you specify the ones you want to deny?


Not sure if I fully understand the question...

IPTables is a tool that you can use to create a series of "rules". These rules can allow or deny packets that flow in and out of your machine.

J

Author: delete852    Location: Washington DC    Posted: Sun Dec 22, 2002 6:13 pm    Post subject:
    ----
What I meant is the things you specify, do you specify which packets the computer should deny, and then it allows everything else. Or do you specify which ones it should allow, in which case, it would deny everything that is not specified. From your post I take it that you can do it both ways right?

Author: Jason    Posted: Sun Dec 22, 2002 7:07 pm    Post subject:
    ----
Correct, that is the default policy.

You can set it to allow everything except what you explicitly deny

-OR-

You can set it to deny everything except what you explicitly allow

J
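
The "deny everything except what you explicitly allow" policy from the last posts, applied to the gateway described in the first post, as an added example that is not from any poster in this thread. The interface names (eth0, eth1), the port list and the function names are assumptions; the script only prints a ruleset in iptables-restore format and never touches the live firewall.

```bash
#!/bin/bash
# Added example: prints an iptables-restore ruleset, changes nothing itself.
WAN_IF="eth0"            # assumption: Internet-facing interface
LAN_IF="eth1"            # assumption: internal (LAN) interface
ALLOW_TCP_IN="22 80"     # assumption: TCP ports accepted on the gateway itself

# Succeeds only for a decimal TCP port 1..65535 with no leading zero.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Prints the ruleset for a space-separated port list.
# Returns 1 and prints nothing on stdout if any port is invalid,
# so a typo never yields a half-written ruleset.
gen_rules() {
    _rules=""
    for _port in $1; do
        if ! valid_port "$_port"; then
            echo "invalid port: $_port" >&2
            return 1
        fi
        _rules="${_rules}-A INPUT -i ${WAN_IF} -p tcp --syn --dport ${_port} -m state --state NEW -j ACCEPT
"
    done
    # Policy lines (":CHAIN DROP") are the default; the -A rules are the
    # explicit exceptions. Anything not matched below is dropped.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
${_rules}-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${LAN_IF} -o ${WAN_IF} -j ACCEPT
COMMIT
EOF
}

gen_rules "$ALLOW_TCP_IN"
```

To load the output, pipe it to iptables-restore as root; forwarding between the interfaces also requires net.ipv4.ip_forward=1.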





All times are GMT + 2 Hours
