[Techtalk] Help with iptables configuration

Tammy Cravit tammy.lists at warmfuzzy.com
Sun Aug 17 14:32:06 EST 2003


Hi, all,

I've been working on cleaning up some security stuff (old versions of 
RPMs, etc.) on a server belonging to a client of mine. One of the things 
I'd like to do before I turn their server loose is to set up some TCP/IP 
security using iptables, which I've never done before. Through a 
combination of the man pages and howtos and the LinWiz://ServerFirewall 
web page (http://www.lowth.com/LinWiz/1.09/ServerFirewall/fw.pl), I've 
come up with a configuration that I *think* will do the trick.  Since 
this is a production server, though, I'd like to get more experienced 
eyes than mine to look it over before I try to deploy it. So, if anyone 
could take a look and let me know if I've done anything obviously stupid 
or overlooked anything obvious, I'd greatly appreciate it.

The file is online at

    http://apache.warmfuzzy.com/fwconfig/iptables.sh.txt

The only thing I've changed in that file (for obvious reasons) was to 
XXX out the server's IP address and the addresses of its "trusted 
hosts". :-)

Any feedback, advice, etc. would be GREATLY appreciated! (And yes, I 
know there's probably a way to set up some of this stuff more easily in 
RH-specific config files, but I put everything in one place so I can 
reuse the configuration on other Linux servers for my other clients.)

Thanks so much!
Tammy

-- 

Tammy Cravit, tammy at warmfuzzy.com | "Courage is the price that life
http://www.warmfuzzy.com/            |  exacts for granting peace."
http://www.warmfuzzy.com/blog/       |      - Amelia Earhart
