[mdlug] Any good resources for IPTables?
Jim Broughton
spjamesb at gmail.com
Tue Aug 23 22:33:33 EDT 2011
On 08/23/2011 02:55 PM, Robert Adkins II wrote:
> I'm looking for some good resources that have a decent breakdown of the
> syntax of existing chains as well as how to build chains. I don't mind
> picking up a book on the subject. I have dug through a handful of online
> resources, but I have been finding them wanting in terms of how the
> information is presented.
>
> Thanks,
> Rob
Are you looking to build custom chains or just work within the standard set?

I have written a few small firewall scripts, and I have found your best bet is the man page for iptables itself. The first thing you have to do is write down a description in English as to exactly what you wish to accomplish. As in... if an incoming packet from IP address xxx.xxx.xxx.xxx is trying to initiate a connection to port 25, should it be allowed through? Or: I don't want any connections to port 22 except for these IP addresses or this IP range that I determine should be able to connect.

I find that being able to look at examples is a great way to learn, so... Perhaps if you threaten me enough I'll even send you a modified-for-safety version of one that has been keeping a couple of my administered sites safe for over 5 years. The firewall contains some good examples of connection logging, limiting connection hits, NAT, port forwarding with and without logging, and country blocking.
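
An added example, not part of the message above and not the firewall script it mentions: the two English descriptions (port 25 from one address, port 22 only from a chosen set) turned into iptables commands, with the port 22 policy in a custom chain. The chain name `SSH_ALLOW`, the function names and the addresses (documentation ranges) are assumptions, and the INPUT chain is assumed to drop anything not accepted here.

```shell
#!/bin/sh
# Added example. English descriptions being translated:
#   1. "A packet from address X may initiate a connection to port 25."
#   2. "No connections to port 22 except from these addresses or this range."
# Assumption: the INPUT policy (set elsewhere) drops whatever is not accepted.

# is_ipv4_src: shape check only (dotted quad, optional /0-32 prefix), so a
# typo or stray shell character in the allow list stops the run.
is_ipv4_src() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# build_rules SMTP_SRC SSH_SRC...: print the iptables commands, one per line.
# Nothing is applied; review the output, then run it as root.
build_rules() {
    smtp_src=$1; shift
    # Validate every source before emitting anything.
    for src in "$smtp_src" "$@"; do
        is_ipv4_src "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    # Custom chain (hypothetical name) holding the port 22 policy.
    echo "iptables -N SSH_ALLOW"
    for src in "$@"; do
        echo "iptables -A SSH_ALLOW -s $src -j ACCEPT"
    done
    # Anything that reaches the end of the chain is not on the list.
    echo "iptables -A SSH_ALLOW -j DROP"
    # Packets belonging to connections already accepted.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # New connections to port 22 are judged by the custom chain.
    echo "iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH_ALLOW"
    # Description 1: one source may open connections to port 25.
    echo "iptables -A INPUT -p tcp --dport 25 -s $smtp_src -m conntrack --ctstate NEW -j ACCEPT"
}

# Dry run with constructed addresses (RFC 5737 documentation ranges).
build_rules 203.0.113.7 192.0.2.10 198.51.100.0/24
```

Rule order is the policy: the per-source ACCEPT lines must come before the chain's final DROP, which is why the function emits them in that sequence.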