[KLUG Members] IPChains problem
members@kalamazoolinux.org
Fri, 07 Jun 2002 12:02:55 -0400
>> What I want to do....
>> I want to stop anything BUT http (80), ssh (22), DNS (53), ftp
>> (20/21), and ICMP messages (the consequences of blocking those
>> are fairly clear and nasty) from getting IN or OUT of this box.
>
>Short answer without reading your rules: For something that simple use
>the firewall setup that Redhat lets you configure when you install the
>system. Tell it "medium firewall" and select those ports to be open.
>
>If you've already installed, you can run "lokkit" to [re]configure the
>Redhat firewall rules. (RPM installation from CD#1 may be necessary)
Well, I'll give that a try, and actually a lot of the rules are based on
what lokkit does. Mostly, this is an exercise in understanding what the
ruleset is and how it works, not merely a matter of applying the right
(higher-level) tool, which may have other (perhaps just as opaque) side-
effects.
Regards,
---> RGB <---