build a firewall yourself
make sure you have what you need to run a firewall
apt-get install iptables klogd sysklogd
http://easyfwgen.morizot.net/gen/
http://www.citadec.com/FirewallGenerator.html
there are a bunch of them....
then just copy the output to a file on your system
for example .. /etc/firewall/'firewall_main'
then type the following command;
#iptables-restore < /etc/firewall/firewall_main
and check to see if the fire wall is up and running
#iptables -L
you should see the output of the script you wrote (from one of the sites)
you can also build a script that will open everything just incase you have problems
for example .. /etc/firewall/'firewall_reset'
## firewall_reset
#
*filter
:INPUT ACCEPT [164:15203]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [147:63028]
COMMIT
*mangle
:PREROUTING ACCEPT [164:15203]
:INPUT ACCEPT [164:15203]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [147:63028]
:POSTROUTING ACCEPT [147:63028]
COMMIT
*nat
:PREROUTING ACCEPT [14:672]
:POSTROUTING ACCEPT [9:684]
:OUTPUT ACCEPT [9:684]
COMMIT
#
and you can run this to open up everything
#iptables-restore < /etc/firewall/firewall_reset
#iptables -L
you should see the output of teh script you wrote (/etc/firewall/firewall_reset)
now if you find a script you like you can have it start on boot with the ifupdown iptables commands.
open /etc/network/interfaces with your favorite editor and add the following lines (following my examples)
# The primary network interface
#auto eth0
#iface eth0 inet dhcp #<- after this block#
pre-up iptables-restore < /etc/firewall/firewall_main
post-down iptables-restore < /etc/firewall/firewall_reset
now you will will have your cumtom firewall script start when your network interface is started and stop when it is shut down
