Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] ipchains


On Wed, Jul 25, 2001 at 05:32:32PM +1000, David (david@xxxxxxxxxxxxx) wrote:
> 
> I just installed RH7.1 firewalled. I'm trying to modify what I did and all
> I can find is /etc/sysconfig/ipchains. This file deprecates manual
> customising (see below). I can't find any other way of doing it. Is there
> a tool? I've looked on google, but obviously in the wrong place.

The file contains the output of

  /etc/rc.d/init.d/ipchains save

or 

 /sbin/ipchains-save -v > /etc/ipchains.rules


There are a number of ways to change the content of that file which
is put in there by the commands above.

You can do it by "hand" writing a script with rules aka (stopping external pop3 requests)

 ipchains -A ppp0-in -p tcp -s 0.0.0.0/0 pop-3 -d 0.0.0.0/0 -j DROP

or use 

 "firewall-config" form the system menu

or use

 lookit


BUT before you do that you *MUST* read:

/usr/share/doc/ipchains-1.3.10/
http://www.linuxgrill.com/anonymous/fire/netfilter/iptables-HOWTO.html
http://www.telematik.informatik.uni-karlsruhe.de/lehre/seminare/LinuxSem/downloads/netfilter/
http://www.BoingWorld.com/workshops/linux/iptables-tutorial/




jobst




-- 
"There are three kinds of lies: Lies, Damn lies, and statistics." - Disraeli

             __, Jobst Schmalenbach, jobst@xxxxxxxxxxxxxx, Technical Director
   _ _.--'-n_/   Barrett Consulting Group P/L & The Meditation Room P/L      
 -(_)------(_)=  +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia