I've been reading a lot in the forums and I've got to ask if iptables is something that I should configure on a home system that is already running Suse's basic firewall. I don't run/host any services on my machine and am only doing dialup now, but will be getting broadband soon.

Should I worry or am I protected enough?

I've seen several post about creating the iptables config, but if I were to setup this on my machine how to I load it at boot up and if I'm dial up how is "my" dynamic address put into it?

Thanks

1. You can never be too sure whether you need a firewall. Sure, now you may not need one, but you can't tell if future apps or packages you install may open up ports.
Fail on the safe side and install it anyway. It takes < 1mb.

2. iptables isn't just for firewalling. If you're intending to share your broadband bandwidth, you will need iptables for NAT.

3. Typically you will configure the firewall to block by the interface (on dialup, usually this is ppp0), so whatever dynamic IP is assigned to you is typically not an issue. Go to www.tldp.org and search for iptables HOWTO to accomplish this.

It really depends,

for example if your behind a Linksys router, which has a built in firewall maybe not(as long as you setup good hosts acl's)

if your connected directory to the NET then yes. for sure.



-Nex6

You can edit rc.firewall file for loading iptables rules at boot. And if your IP address is dynamic you could use interface ppp0 (or what you use) for blocking or accepting packets. For example the rule below will allways work. Because whatever your ip will be the packets will come through interface ppp0.. All will be logged.

Hope this helps..

I suggest that you give iptables a try, because when I first tried it, I was amazed at the number of attempts to get into my dialup connection.

Monitor your /var/log/messages and you too will be amazed.

Well thanks for all the replies. I'll have to work on getting all that setup.