Re: Firewall / iptables configuration script

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sunday 16 Jan 2005 13:54, blank wrote:
> Alberto M R Davila wrote:
> >Hi All,
> >
> >Just installed FC2 with the latest 2.6.10 kernel... look good ;-) however,
> >since I did not install "X" I dont have any GUI support then not sure how
> >to configure manually (text based) the firewall/iptables... there are lots
> >of docs about that on internet, but while I read those I would like to
> >know which would be a good (meaning: working well and easy to use by
> >beginners) script/tool for that purpose ? I vaguely remember slackware
> >cames with a script like that...
> >
> >Basically, I would like to allow port 80 (http) and 8080 (TomCat)...
> >
> >Thanks, Alberto
> >
> >
> >
> >
> >__________________________________
> >Do you Yahoo!?
> >Take Yahoo! Mail with you! Get it on your mobile phone.
> >http://mobile.yahoo.com/maildemo
>
> i prefer and use Shorewall (www.shorewall.net) by Tom Eastep. It's
> great, easy to use and has tons of features for easy, safe firewall
> configuration. i'm sure there are many others, but this one has so well
> for me, i've not felt the need to stray (on linux that is).
>
> jb
A followup to this ....
If you don't have a X system on that box, Shorewall can be configured from any 
other box on the network that DOES have a X system if you also install webmin 
on the target system. Webmin has a pretty good Shorewall module.

Alternatively, just install the x libraries on the target system (you don't 
have to configure the system display for X), then ssh -X into the target 
system from any other machine that does have X.
This way there are a large number of GUI based iptables front-ends you can 
use, including Firestarter.
Just make sure you don't block the ssh port on the target machine.  

I prefer this last method, as it allows for a very secure way of accessing the 
target systems firewall setup.  And after all, if you are running a headless 
system, you don't want to have to attach a monitor just to make a minor 
change to the firewall setup!

-- 
Tony Dietrich
-------------
Neckties strangle clear thinking.
  -- Lin Yutang


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux