Hello all,

I'm relative noob in the linux world, with my only experience as an end-user.

But now I need to configure a firewall for a small network...

Since I'd like to learn from it, I picked Slackware 10.1 :-)

After installing it, I typed modprobe iptables, returned iptables v1.2.4.

I'd like to:
1) Uninstall this version and install v1.3.5. How do I uninstall it?
2) I unpacked v1.3.5 on /usr/src/iptables-1.3.5. But it's all in .c format. Wich commands should I use to configure/install it?
3) I wrote a small script and saved it as firewall.sh. How do I start it with the system all together?

Thats it for now, when I finish configuring it, then I'll post further questions/doubts :-).

Txs,

1. http://www.slackbook.org/html/packag...TIES-REMOVEPKG
2. Read the README and INSTALL files. Generally, './configure && make && make install'
3. http://www.slackbook.org/html/securi...-HOST-IPTABLES

Hello bulliver,


thank you for your time in helping a newbie :-)

I'll take a look and if I have further questions, will post here.

Again thank you very much.


Gaucho

The IPTables-HOWTO from LinuxGuruz is also very useful.

I would highly recommend using something like Smoothwall instead of interacting with iptables is you're new to firewalling. It will save you many headaches!

and where can i find it? I'd like to give it a try.

smoothwall.org. I've tried the 3.0 Beta; it seems stable and has nice improvements over 2.0.

I'm not trying to discourage you here, but in your first post you stated you wanted to use this as a learning experience. Smoothwall will not teach you how to administer iptables firewalls. It uses a web-browser interface to hide the inner workings from you, so keep that in mind.

As a professed newbie you might want to consider trying an online script generator such as at http://easyfwgen.morizot.net/gen/index.php.

Bear in mind that this tool is somewhat limited, but if the box you are configuring the script for is a gateway for the remainder of the LAN, then this online tool should work. You probably will have to experiment before you generate a script you like.

Do know that if you use this particular online generator, that you must edit the resulting script to point to the correct location for iptables. For Slackware that location is:

IPT="/usr/sbin/iptables"

Additionally, if this box is not going to provide DNS services, then be sure with the other boxes in the LAN that you manually configure where those boxes are to look on the web to resolve DNS lookups. For GNU/Linux boxes that location is /etc/resolv.conf.

The Slackware startup and shutdown scripts are all located in /etc/rc.d.

The default Slackware rc.inet2 script is already configured to look for a script named /etc/rc.firewall. Thus, all you need do is rename your firewall script from firewall.sh to rc.firewall. Store the script in /etc/rc.d.Then be sure to enable the executable bits on the script (chmod +x /etc/rc.d/rc.firewall).

Well... looks like there are several ways to do I want :-)

I'll take a look @ everything you guys posted and will pick one way... of course, I want to learn from it (and considering that this should not be a hard task), it's a small LAN with simple needs such access www, some MSN and/or ICQ and that's it...

Thank you all very much!

Also, you may want to look at Firestarter.