Claude Jones wrote:
I've built my firewall using Firestarter, Ver 1.03. If I turn it off, and do iptables -vL, I get a wide open no rules iptables list. When turned on, it has what seems like a very simple 5-policy set of rules for inbound - no outbound policies at all. Yet, when I give the iptables -vsL command, I get a huge complex set of rules and chains that I haven't seemingly configured. I'd post it but it takes up nearly three screens. Anyone know the short answer to why this is happening?
If you look in the /etc/firestarter directory, you will find a script that the Firestarter wizard generates (in the latest version they probably split it into several scripts). Look at it - they write explanations in the comments for the rules they set.
This was the ticket. I'd printed out the manual, and read a lot of on-line docs, many more than were suggested by others. Looking at the script pretty much answered my question. I'd checked 'Block traffic from reserved addresses on public interfaces' in preferences, and that generated a separate rule for every reserved address, probably 2/3rds of the rules script.
-- Claude Jones Bluemont, VA, USA
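
One way to see which chains account for the bulk of a generated ruleset, such as the per-address reserved-range rules described in this thread. This is an added example, not part of the original messages or of Firestarter's scripts; the chain names and sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize an `iptables -S` dump per chain.
# On a live host (as root): iptables -S | summarize_rules

summarize_rules() {
    # Reads `iptables -S` output on stdin.
    # Prints one line per chain: name, total rules, rules that match on a
    # source address (-s). Sorted by total rules, largest first.
    awk '
        $1 == "-A" {
            total[$2]++
            for (i = 3; i < NF; i++)
                if ($i == "-s") { src[$2]++; break }
        }
        END {
            for (c in total)
                printf "%s %d %d\n", c, total[c], src[c] + 0
        }
    ' | sort -k2,2nr -k1,1
}

# Constructed sample in `iptables -S` format; the RESERVED chain name is
# hypothetical and stands in for whatever chain the generated script uses.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-N RESERVED
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j RESERVED
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RESERVED -s 10.0.0.0/8 -j DROP
-A RESERVED -s 172.16.0.0/12 -j DROP
-A RESERVED -s 192.168.0.0/16 -j DROP
-A RESERVED -s 169.254.0.0/16 -j DROP
EOF
}

sample_rules | summarize_rules
```

A chain whose second and third columns are both large and nearly equal is made up almost entirely of per-source-address rules, which is the pattern a single "block reserved addresses" preference produces.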