Firewall Script for Workstation

Toods · 02-24-2006, 08:43 AM

I want to put together a firewall script to run IpTables on my PCs.

I have searched this forum and read a lot about it on the various web sites and seen the many recommendations for the various GUI front-ends etc.

Nearly all these references are about configuring a firewall for a Linux router. My setup is very simple:

I have 4 PCs on a local network and these obtain an IP in the range 10.0.0.1/15 by DHCP from the ADSL router(10.0.0.2) which is the connection to the internet.

Two of the PCs on the LAN are Linux boxes (Slackware) and it is for these that I want to configure IpTables. Can anyone point me in the direction of an rc.firewall script that is suitable for this simple application?.

Thank you.

ledow · 02-24-2006, 09:57 AM

I use projectfiles.com's rc.firewall

http://projectfiles.com/firewall/

It's a one-file script that you put into /etc/rc.d and edit. Most of the settings you won't need to bother with at all if you're just using it as a desktop script (i.e. pretty much zero except to put ports you want open into the section marked PERMIT.

I use it as a desktop firewall too, and a server firewall, and a router firewall.

Pretty much, the unconfigured version will set you up with a full firewall which you can then edit to hone it (blocking ping, allowing internal network ips/interfaces, opening ports etc.)

onebuck · 02-24-2006, 09:59 AM

Quote:

Originally Posted by Toods

I want to put together a firewall script to run IpTables on my PCs.

I have searched this forum and read a lot about it on the various web sites and seen the many recommendations for the various GUI front-ends etc.

Nearly all these references are about configuring a firewall for a Linux router. My setup is very simple:

I have 4 PCs on a local network and these obtain an IP in the range 10.0.0.1/15 by DHCP from the ADSL router(10.0.0.2) which is the connection to the internet.

Two of the PCs on the LAN are Linux boxes (Slackware) and it is for these that I want to configure IpTables. Can anyone point me in the direction of an rc.firewall script that is suitable for this simple application?.

Thank you.

Hi,

A older Basic setup description on;

http://www2.linuxjournal.com/article/3546

It does describe using ipchains but can be a good guide for general setup of your firewall.

Another good place to help/reference;

http://www.linuxguruz.com/iptables/

You will find FAQ, scripts and just about everything you should need to setup your firewall.

BTW, routers do have firewalls installed and you just need to set them up to your needs. So you should setup the adsl router with a firewall anyway.

I also like to test the firewall with Steve Gibson's 'ShieldsUp' at;
http://grc.com/default.htm

It will do a fairly thorough check of the system and it is free. I've been a fan of Steve's software since the early days of DOS. He's a great assembly language programmer!

HTH!

odevans · 02-24-2006, 01:12 PM

Quote:

Originally Posted by ledow

I use projectfiles.com's rc.firewall

http://projectfiles.com/firewall/

Seconded. The ProjectFiles script is extremely versatile, but easy to configure. Basically, it writes iptables rules for you. 'Out of the box' it's a straight firewall, but as ledlow said, it can handle routing too. Get the latest version - don't bother with the old "installer" version, how hard can it be to copy a file to /etc/rc.d/ and chmod +x it?