Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
I am trying to secure an interface that is attached to my system, eth1.
I have tried to use the command iptables -A INPUT -i eth1 -p tcp --syn -j DROP
But that just kills all TCP communication on both interfaces, eth0 and eth1.
Does anyone have any idea on how to leave eth0 completely open, but not have any communication on eth1? The reason I want to do this is that eth1 is connected to the DMZ on my router and has snort listening there. The machine isn't acting as a gateway; it is just a server running snort on eth1, which is its only task on eth1. eth0 is the main interface connected to the router.
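As an added example that is not part of the original post, the script below builds a ruleset for the setup described in the question: the management interface (eth0) stays fully open and the sensor interface (eth1) is silenced in both directions. The interface names are taken from the question; the function names, the log prefix and the iptables-restore layout are assumptions of this example. Every rule carries an -i or -o match, so it can only affect the interface it names, and Snort keeps seeing eth1 traffic because libpcap captures at the device layer, before netfilter's INPUT hook runs.

```shell
#!/bin/sh
# Added example, not code from the thread: a filter-table ruleset that
# leaves the management interface open and silences the sensor interface.
# Interface names come from the question; everything else is assumed.

MGMT_IF="${MGMT_IF:-eth0}"      # interface that stays completely open
SENSOR_IF="${SENSOR_IF:-eth1}"  # DMZ interface that Snort listens on

# Emit the ruleset in iptables-restore format. Lines starting with '#'
# are ignored by iptables-restore, so the comments can stay in place.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Sensor interface: log a rate-limited sample of what arrives, then drop
# everything. Snort still sees these packets, because libpcap captures at
# the device layer before netfilter's INPUT hook runs.
-A INPUT -i $SENSOR_IF -m limit --limit 5/min -j LOG --log-prefix "$SENSOR_IF-drop: "
-A INPUT -i $SENSOR_IF -j DROP
# Nothing leaves via the sensor interface either, so the host stays quiet
# on the DMZ.
-A OUTPUT -o $SENSOR_IF -j DROP
# Loopback, and replies to connections this host opened itself.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Management interface stays completely open, as the question asks.
-A INPUT -i $MGMT_IF -j ACCEPT
# FORWARD policy is DROP: the box is not a gateway, so nothing crosses
# between the two interfaces.
COMMIT
EOF
}

# Load the ruleset atomically (all rules or none). Requires root.
apply_ruleset() {
    build_ruleset | iptables-restore
}

# Review what is loaded; the packet counters show which rules are matching.
show_ruleset() {
    iptables -L INPUT -v -n --line-numbers
    iptables -L OUTPUT -v -n --line-numbers
}

case "${1:-}" in
    apply) apply_ruleset ;;
    show)  show_ruleset ;;
    *)     build_ruleset ;;   # default: print the ruleset for review
esac
```

Run it without arguments to print the ruleset and review it, with "apply" to load it, and with "show" afterwards to watch the counters on the eth1 DROP rule climb as DMZ traffic hits it. One caveat: if eth1 gets its address from DHCP, the OUTPUT drop blocks the lease exchange; a sniffing interface needs no IP address at all, so the simplest answer is to bring eth1 up without one and let Snort capture from the unnumbered interface.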
Check out firestarter for a simple setup of iptables. There are quite a few good iptables guides and howtos online; find a firewall script you can model yours on.
RedHat has a very simple to use program called lokkit.
This will allow you to do anything with your current setup with the exception of running servers. If you have a server running, you need to use custom settings and select the server type. You can choose interfaces to firewall or trust, and configure for DHCP and DNS.
lokkit can be run from the command line also. Just tab over to OK and hit enter.
Note: it will only allow your current DNS server to work. If the DNS settings change, as in using multiple ISPs, then after connecting you need to run lokkit again to update the DNS settings.
If you use the Network Device Control application, which uses the ifup scripts to set up your connection, it will configure your firewall for DNS each time you connect.
Last edited by DavidPhillips; 12-27-2003 at 01:40 AM.