30 Apr
2014
30 Apr
'14
8:46 p.m.
Warning to 'echo', 'discard' and
'daytime' services too
since as per the 'chargen' they can otherwise be
used for some nasty denial-of-service attacks.
This is a frequently encountered problem, stemming either from lazyness or
inexperience.
Do we need a standard ruleset, and documentation to use it, and have this
in the wiki? iptables or iproute2? Does anyone HAVE a working iproute2
setup?
This stuff can be a pain I know - a bit like mowing your lawns, but if you
don't do it, eventually you'll be sorry.
10 May
10 May
5:22 p.m.
New subject: 44Net Digest, Vol 3, Issue 89
Do we need a standard ruleset, and documentation to
use it, and have this
in the wiki? iptables or iproute2? Does anyone HAVE a working iproute2
setup?
There are tons of example iptables examples out there though I always
recommend people to review and tailor the ruleset for their own needs.
One such non-AMPR example is the IP Masquerade HOWTO example:
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/stronger-firewall-examples.ht…
The above example is distribution agnostic so it should work on your
preferred flavor but there can be benefits of adapting it to either your
distribution's native firewall syntax or to some higher level tool that
incorporates features like QoS, etc (shorewall, etc). I'm willing to
take a stab at putting a baseline config into the Wiki but give me a bit
to troll through the archives, review various people's submitted
configs, etc. and hopefully come up a config that will work for most
base deployments.
--David
KI6ZHD
3648
days inactive
3658
days old
1 comments
2 participants
participants (2)
-
David Ranch -
Steve Wright