Complete.Org: Mailing Lists: Archives: discussion: February 2001:
[aclug-L] Re: Firewall Question 		Home

[aclug-L] Re: Firewall Question

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: Firewall Question
From: "Carl B. Davis" <cdavis@xxxxxxxxxxxxx>
Date: Sat, 03 Feb 2001 16:00:03 -0600
Reply-to: discussion@xxxxxxxxx 


This firewall script was an RPM I obtained from the internet, rpmfind.net.
It is based on SUSE's distribution and is a firewall that is supposed to run
with ipchains.  It has been converted to work with my version of RedHat.  I
already have ip masquerading going.  This firewall script shuts down
specified ports between 1-1023, and exclude and limit other services like
ftp, http and smtp.  It looks like it is setup to work with ip masq.
I can make the firewall work when I manually start it after my dial up
connection has been established.  But, I don't know  how to start the
firewall automatically after my local machine has received it's dynamic ip.

Carl

Nate Bargmann wrote:

> On Sat, Feb 03, 2001 at 03:18:12PM -0600, Carl B. Davis wrote:
>
> Carl.
>
> Not sure what distribution you are running, but it doesn't sound like
> Debian 2.2.  Debian does have a nice package called ipmasq that is quite
> easy to configure for PPP firewalling.  If you are using Debian, I'll
> help as I can with the ipmasq package.
>
> - Nate >>
>
> >
> > Greetings,
> >
> > I have a pppd internet dial up connection, set up for what used to be
> > Southwind.  It dials on demand.  I now have a firewall setup that will
> > close open ports, and deny access to anyone not on my network.  The
> > thing is, because I have a dynamic ip address that changes each time I
> > connect, the firewall has to be re-started each time the demand dial up
> > connection is initiated.  The explanation I have says to start it with
> > the same script that begins the internet connection.  I have tried to
> > put it in the "options" and "southwind.chat" files that are used by
> > pppd, but that just produces errors.  I also tried putting it in
> > ip-up.local and ip-up, with no success.
> >
> > Question, how can I set this up to start the firewall after my dial up
> > is handed it's ip address from the isp?
> >
> > Thanks for your suggestions.
> >
> > Carl
> >
> >
> > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> >
>
> --
>  Wireless | Amateur Radio Station N0NB          | "None can love freedom
>  Internet | n0nb@xxxxxxxxxxxxxxxx               | heartily, but good
>  Location | Wichita, Kansas USA EM17hs          | men; the rest love not
>    Wichita area exams; ham radio; Linux info @  | freedom, but license."
>              http://www.qsl.net/n0nb/           | -- John Milton
>
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]