IPtables help

jgtg32a · 12-04-2007, 12:32 AM

Ok Heres the network layout

I have a "webserver" a P4 w/ 512 ram, and I have a dedicated firewall a AMD3200+ w/ 2gb ram. Both running Ubuntu Desktop ED. Not the best for the firewall but Gentoo was giving me too much grief. This is a class assignment I'm trying to harden it against attacks mainly DoS attacks. I've gone through the Iptables tutorial (http://iptables-tutorial.frozentux.n...-tutorial.html) which was rather helpful.

But one thing that I can't figure out how to do is make my firewall invisible I mean with the +1 to TTL on all packets and all. But I'm having trouble getting the firewall to back off and not grab an the address from the network. Basically I want the firewall to just drop all packets I don't like and the server to use DHCP and grab an IP address. Thats the part I'm having trouble with right now.

Or should I just say forget it and go with NAT and forwarding.

Thank you in advance, and be sure to check back because I've got alot of questions.

checkmate3001 · 12-04-2007, 02:55 AM

Beyond me... but this site could help you setup an iptables script.
http://easyfwgen.morizot.net/gen/

I use it to help me out. I change the settings, have it create the script and then see what it did. I occasionally will modify the scripts to my liking.

May be helpful.

dbmacartney · 12-04-2007, 02:50 PM

could you give a little more detail on network details and which IP you are trying to protect? one way of blocking would be to set your default policy on your tables to drop automatically and then just enable the ones you require for services.

eg: iptables -P INPUT DROP

I hope I can be of more assistance, more details would help :-)