Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- From: Francisco Sánchez <lists@xxxxxxxxxxxxx>
- Date: Sun, 20 Jan 2002 05:00:15 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
----- Original Message -----
From: "Michael Stauber" <cobalt@xxxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Sunday, 20 January, 2002 00:03
Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
>
> Oh well ... I could say "I told ya", but I won't. ;o)
I already admitted it... but, really, I couldn't avoid trying.... ;-)
>
> No, I'd rather use a better reset routine instead. Put this at the top of
> your firewall ruleset:
>
> # Function to disable the firewall:
> down() {
>     echo "Flushing all rulesets -- firewall disabled"
>     # Set the default policy of every built-in chain to ACCEPT
>     $IPCHAINS -P input ACCEPT
>     $IPCHAINS -P output ACCEPT
>     $IPCHAINS -P forward ACCEPT
>     # Flush the rules from all chains
>     $IPCHAINS -F
>     exit 1
> }
>
>
Very nice one. I have tried gShield 1.5.6 as you recommended and it works very
smoothly, very close to what I really wanted to do. I will see tomorrow how
to add your reset routine to it, which will make it much "safer".
Just a couple of things...
For starting gShield at boot time, I assume that a line with
/etc/firewall/gShield.rc in rc.local will do. Right?
Finally, is there a simple way to apply the firewall rules to a machine
that has several IP addresses? I have created separate rules for each
additional IP, but is there anything easier that I am missing?
Best regards,
Francisco