LinuxQuestions.org


Eklipz 12-09-2004 09:56 PM

Sarge Software Firewall
 
I was wondering if there are currently any software firewalls similar to firestarter that are available in the testing/sarge distribution. I have found Shorewall, but that appears to be more for putting on a router; I want to use it as a personal firewall on my laptop.

sparticat 12-09-2004 11:14 PM

guarddog?

notolerance 12-11-2004 09:56 AM

build a firewall yourself
make sure you have what you need to run a firewall

apt-get install iptables klogd sysklogd

http://easyfwgen.morizot.net/gen/
http://www.citadec.com/FirewallGenerator.html

there are a bunch of them....

then just copy the output to a file on your system

for example .. /etc/firewall/'firewall_main'

then type the following command;

#iptables-restore < /etc/firewall/firewall_main

and check to see if the firewall is up and running

#iptables -L

you should see the output of the script you wrote (from one of the sites)

you can also build a script that will open everything just in case you have problems

for example .. /etc/firewall/'firewall_reset'

## firewall_reset
#
*filter
:INPUT ACCEPT [164:15203]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [147:63028]
COMMIT

*mangle
:PREROUTING ACCEPT [164:15203]
:INPUT ACCEPT [164:15203]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [147:63028]
:POSTROUTING ACCEPT [147:63028]
COMMIT

*nat
:PREROUTING ACCEPT [14:672]
:POSTROUTING ACCEPT [9:684]
:OUTPUT ACCEPT [9:684]
COMMIT
#

and you can run this to open up everything

#iptables-restore < /etc/firewall/firewall_reset

#iptables -L

you should see the output of the script you wrote (/etc/firewall/firewall_reset)

now if you find a script you like you can have it start on boot with the ifupdown iptables commands.

open /etc/network/interfaces with your favorite editor and add the following lines (following my examples)

# The primary network interface
#auto eth0
#iface eth0 inet dhcp #<- after this block#
pre-up iptables-restore < /etc/firewall/firewall_main
post-down iptables-restore < /etc/firewall/firewall_reset

now you will have your custom firewall script start when your network interface is started and stop when it is shut down
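
As an added example (not part of any post in this thread): a small shell check to run on a ruleset file before pointing pre-up at it, so that the open "reset" rules or a truncated generator output are not loaded as the main firewall. The sample firewall_main ruleset and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an iptables-restore file before using it in pre-up.

# Write a constructed minimal laptop ruleset (default-deny inbound) to $1.
write_laptop_ruleset() {
    cat > "$1" <<'EOF'
# firewall_main (constructed sample, not from the thread)
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the default policy of chain $2 in the filter table of file $1.
filter_policy() {
    awk -v chain=":$2" '
        /^\*/ { table = $1 }
        table == "*filter" && $1 == chain { print $2; exit }
    ' "$1"
}

# Succeed only if every table block is closed by COMMIT and the filter
# INPUT policy is DROP (i.e. this is not the open "reset" ruleset).
check_ruleset() {
    awk '
        /^\*/     { if (open) bad = 1; open = 1 }
        /^COMMIT/ { if (!open) bad = 1; open = 0 }
        END       { exit (bad || open) }
    ' "$1" || { echo "$1: table block without COMMIT" >&2; return 1; }
    [ "$(filter_policy "$1" INPUT)" = "DROP" ] ||
        { echo "$1: INPUT policy is not DROP" >&2; return 1; }
}

# When run with a file argument, lint that file.
[ $# -eq 0 ] || check_ruleset "$1"
```

Running `iptables-restore --test < /etc/firewall/firewall_main` as root additionally parses the ruleset without committing it.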

macondo 12-11-2004 01:18 PM

read the Debian Configuration Post-install sticky, look for Firehol (third or fourth posting by Dead Parrot)

