
[cobalt-security] RE: Ipchains rule set



Hello,

> Playing around with ipchains (thanks for the pkg bruce !! ;-)) now. And I
> am wondering if someone who has a successful rule set configured is
> willing to share it.
> Any tips, pointers and hints are welcome also.

I have always found this link very useful and I use the pmfirewall +
pmfirewall ruleset on my server. It's an easy configuration and helpful:

http://linux.cvf.net/

Best of luck and remember to work in test mode before committing to the
ruleset, i.e. in your pmfirewall setup:


     ## Set default policy
     $IPCHAINS -A output -j ACCEPT
     $IPCHAINS -A input -j DENY -l
#========== start patch ===============
     # Disable the firewall again after $TTF seconds.
     # TTF is the number of seconds the firewall runs for (0 = forever).
     TTF=300
     if test "$TTF" -gt 0
     then
        echo "Firewall rules running for $TTF seconds"
        # Background timer: stop the firewall once the test window has passed.
        (sleep "$TTF";
           /etc/rc.d/init.d/pmfirewall stop \
        ) &
     else
        echo "Firewall rules running for ever"
     fi
#=========== end patch ===============
     echo "             Done!"

regards

Jon
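
The test-mode timer from the message above, extended with a confirm step that cancels the pending stop once a fresh login has shown the rules still let you in. This is an added example, not part of the original post and not pmfirewall's own code; arm_rollback, confirm_rules and the pid-file path are assumed names.

```shell
#!/bin/sh
# Added example: confirm-or-revert timer for trying out a firewall ruleset.
# Function names and the default pid-file path are assumptions for illustration.

ROLLBACK_PIDFILE=${ROLLBACK_PIDFILE:-/var/run/fw-rollback.pid}

# arm_rollback SECONDS COMMAND [ARGS...]
# Runs COMMAND after SECONDS unless confirm_rules is called first.
# SECONDS = 0 keeps the meaning used in the message: no timer, rules stay.
arm_rollback() {
    rb_ttf=$1
    shift
    case $rb_ttf in
        ''|*[!0-9]*)
            echo "arm_rollback: seconds must be a whole number" >&2
            return 2 ;;
    esac
    if [ "$rb_ttf" -eq 0 ]; then
        rm -f "$ROLLBACK_PIDFILE"
        return 0
    fi
    # Background timer; it removes its own pid file just before it fires.
    ( sleep "$rb_ttf" && { rm -f "$ROLLBACK_PIDFILE"; "$@"; } ) >/dev/null 2>&1 &
    echo "$!" > "$ROLLBACK_PIDFILE"
}

# confirm_rules: cancel the pending rollback. Returns 1 if no timer is
# pending (never armed, or it has already fired).
confirm_rules() {
    rb_pid=$(cat "$ROLLBACK_PIDFILE" 2>/dev/null) || return 1
    [ -n "$rb_pid" ] || return 1
    kill "$rb_pid" 2>/dev/null || return 1
    rm -f "$ROLLBACK_PIDFILE"
}

# In the firewall start script, with the stop command from the message:
#   arm_rollback 300 /etc/rc.d/init.d/pmfirewall stop
# Then, from a NEW session that got through the rules:
#   confirm_rules
```

Run confirm_rules only from a newly opened connection, since an already established session does not prove the ruleset admits new ones.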