hi

i was wondering if anyone can tell me the proper way in debian testing 2.6 to write a simple iptable configuration which would cause any traffic from the ethernet card to any port other than 22 to "disappear." i dont know iptables, and i dont know where in the debian startup scripts this would go. im using the cryptographic filesystem package which exports / to localhost and i dont want any such thing (nor other services which appear, including printer/daytime/discard and other things) to be visible from the other side of my ethernet card; however i would like it to be visible for locally generated traffic.

thanks a lot
-gong

Have a read of this big tutorial.. http://iptables-tutorial.frozentux.n...-tutorial.html

There are scripts at the end you can "massage"..