ipchains

Darren Osadchuk osadchuk at pangea.ca
Sat Mar 18 10:37:52 EST 2000


On Sat, 18 Mar 2000 moebius at ip-solutions.net wrote:

>Hey Darren,
>  Unfortunately, you did not succesfully compile firewalling into your
>kernel. What sys are you using? Perhaps with a little more info we can
>give a lot of help. Please post kernel, distro, etc...

Here's all the messy details:

Distro: RH 6.1
Kernel: 2.2.14
ipchains: 1.3.9 (no idea if this matters, so I'll include it)

It's a standalone box that I don't want any external access to (for now,
anyway). I've already shut off pretty much everything in inetd.conf, and
just want to set up a firewall that only lets in "on demand" traffic.

Under "Networking Options" in the kernel config, I have checked off (and
again, since I'm not sure exactly what's directly relevant to firewalling 
and what's not, I'll include it all):

Packet socket
Kernel/Use netlink socket
Routing messages
Network firewalls
Unix domain sockets
TCP/IP networking
IP: advanced router
IP: firewalling
IP: optimize as router not host
IP: TCP syncookie support

This is a compilation of what's recommended by the IPCHAINS and the
Firewalling How-Tos (plus the obvious stuff).

Is there any other info I should post?

Thanks,
Darren






More information about the Techtalk mailing list