steelmanronald06
Guest
This how-to is about making a basic firewall.
1. You will need root privileges (one way to become root is to run the command su from a terminal and then type the root password).
Now, open the file /etc/rc.d/rc.local in a text editor. Add the line /etc/rc.d/rc.firewall at the end of the file. Save the file.
Note that this entry makes the firewall start on your computer at boot (rc.local runs as root, so the script it calls does too). If you want to disable the firewall, just remove or comment out this line (put a # at the start of the line).
2. Now create a new file called rc.firewall in the /etc/rc.d directory and put the text below into it.
Code:
#!/bin/sh
# Change the part after the = to wherever iptables is on your system
IPTABLES=/sbin/iptables

# Flush the existing rules in the INPUT chain. The chain's default policy is
# left as it is (ACCEPT on a stock system); the final DROP rule below is what
# blocks unwanted traffic.
$IPTABLES -F INPUT

# Allow all data that the computer running the firewall sent out to come back
# (for all of ICMP/TCP/UDP). For example, if a ping request is made from this
# machine, the reply is allowed back in.
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p icmp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p tcp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p udp

# Allow traffic from ethernet adapter eth1 to pass through if you have a
# network, or are using Linux as a router for internet etc.
# Your first ethernet card is eth0 and the second would be eth1 etc.
#$IPTABLES -A INPUT -i eth1 -j ACCEPT

# Allow incoming FTP requests
#$IPTABLES -A INPUT -p tcp --dport 20 -j ACCEPT
#$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT

# Allow incoming SSH requests (from any source address; add -s <your network>
# to this rule if only known machines need to reach it)
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow incoming HTTP requests (to Web server)
#$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT

# Allow ping echo
# This line is commented out, so ping from an outside machine will not work.
# Uncomment the next line to make ping from outside work.
#$IPTABLES -A INPUT -p icmp -j ACCEPT

# Log and then drop all other data that did not arrive on the loopback interface.
# The limit match only rate-limits the *logging*: at most 3 log entries per
# second, after an initial burst of 5. Packets beyond that are still dropped by
# the next rule, they just are not logged. This stops a flood of packets from
# filling the system log (and the disk) on the computer the firewall runs on.
# "! -i lo" is the current syntax; older scripts wrote "-i ! lo", which newer
# iptables versions reject.
$IPTABLES -A INPUT ! -i lo -m limit --limit 3/second --limit-burst 5 -j LOG
$IPTABLES -A INPUT ! -i lo -j DROP

# The log entries from the firewall are put into your system log file, which is
# /var/log/syslog or /var/log/messages depending on your distribution.
Save the file.
Note: every line that starts with a # is only a comment.
3. Run the command chmod 755 /etc/rc.d/rc.firewall to make the script executable.
4. Run the command /etc/rc.d/rc.firewall to start the firewall.
Remember this firewall is by no means perfect, but it does provide a basic level of protection and makes you "stealthed". (Stealthed means that the computer gives no reply at all to unsolicited packets, because they are dropped rather than rejected, so it is invisible to most kinds of tests. Any port you do open, such as 22 for SSH above, still answers and is still visible to a port scanner, so again this is not perfect.)
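The four steps above as one script, written here as an added example that is not part of the original post: it generates the same kind of INPUT chain as rc.firewall, but takes the TCP ports to open as arguments, checks every port before emitting anything (so a typo never applies a half-built chain), uses the current "! -i lo" form and the conntrack match, and has a --dry-run mode that prints the iptables commands instead of running them, so the rule set can be read and checked without root before it is applied with --apply. The iptables path /sbin/iptables and the function names is_port, build_rules, rule_count and apply_rules are assumptions of this example, not names from the post.

```sh
#!/bin/sh
# Added example, not the script from the original post.
# Generates an INPUT chain like rc.firewall, parameterised by the TCP ports
# to open, with a dry-run mode so the rules can be inspected without root.
# Assumed: iptables lives at /sbin/iptables (override with IPTABLES=... in
# the environment).
IPTABLES=${IPTABLES:-/sbin/iptables}

# is_port NUM: true if NUM is an integer in 1..65535
is_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_rules PORT...: print one iptables command per line, or fail while
# printing nothing if any port is invalid, so a bad argument can never apply
# a half-built chain.
build_rules() {
    for p in "$@"; do
        is_port "$p" || { echo "build_rules: invalid port '$p'" >&2; return 1; }
    done
    echo "$IPTABLES -F INPUT"
    # loopback is allowed explicitly, so this still works if the chain policy
    # has been changed to DROP elsewhere
    echo "$IPTABLES -A INPUT -i lo -j ACCEPT"
    # replies to connections this host started (ESTABLISHED) and traffic tied
    # to them such as ICMP errors (RELATED); not restricted to eth0, so a second
    # NIC does not silently lose its return traffic
    echo "$IPTABLES -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # one ACCEPT per service port, for new connections only
    for p in "$@"; do
        echo "$IPTABLES -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # rate-limited log, then drop everything else that is not loopback; the
    # limit only throttles logging, the DROP rule still sees every packet
    echo "$IPTABLES -A INPUT ! -i lo -m limit --limit 3/second --limit-burst 5 -j LOG --log-prefix \"fw-drop: \""
    echo "$IPTABLES -A INPUT ! -i lo -j DROP"
}

# rule_count PORT...: number of commands build_rules would run (0 on bad input)
rule_count() {
    build_rules "$@" 2>/dev/null | grep -c . || true
}

# apply_rules PORT...: run the generated commands (needs root), then list the
# resulting chain with packet counters so the rule order can be verified
apply_rules() {
    rules=$(build_rules "$@") || return 1
    printf '%s\n' "$rules" | sh -e || return 1
    $IPTABLES -L INPUT -n -v --line-numbers
}

case ${1:-} in
    --dry-run) shift; build_rules "$@" ;;
    --apply)   shift; apply_rules "$@" ;;
esac
```

Run it as "sh rc.firewall.sh --dry-run 22" to see exactly what would be executed, and as root "sh rc.firewall.sh --apply 22" to load it; because the ESTABLISHED,RELATED rule is added before the DROP rule and the chain policy is never changed, an SSH session you are applying it from survives the flush.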