how about a *really small* firewallForum: DSL Ideas and Suggestions Topic: how about a *really small* firewall started by: vees Posted by vees on Nov. 21 2005,16:23
Hi everybody,I have recently discovered DSL and I have just ordered my copy. But when looking at the packages list, I noticed that DSL does not seem to have any firewall. So here is my suggestion, why not include this really small script called "blockall": #!/bin/sh iptables -F iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT iptables -A INPUT -p tcp --syn -j DROP and make it executable from alt-F12 (like Knoppix-STD does). Of course, this can harly qualify as a "firewall" but this small iptables script allow for some reasonably safe surfing on the web? What do you think? Cheers. VS PS: FYI - should it not be possible to add this script to DSL, it is always possible to manually write it, then chmod +x blockall in the default user directory, then "sudo ./blockall" Posted by SaidinUnleashed on Nov. 21 2005,16:51
Since iptables is not included in DSL, this probably will not be added to the base iso.If you need rudimentary firewall function in DSL, without adding the iptables.dsl, you can edit the /etc/hosts.deny and hosts.allow, respectively. -J.P. Posted by VS on Nov. 21 2005,23:09
Would it be possible to add iptables (without a front-end)? Posted by SaidinUnleashed on Nov. 21 2005,23:19
As I said, it's available as iptables.dsl. Use it to your heart's content.
Posted by vees on Nov. 22 2005,13:05
Sorry, I was inattentive. Thanks for everything! |