On Sun, 12 Dec 2010 05:30:23 -0800 (PST)
S Mathias <smathias1972@xxxxxxxxx> wrote:

> I have a small, simple firewall "script":
> http://pastebin.com/raw.php?i=NChRyqVu

Seems OK. I've found through experience that limiting outgoing connections will sometimes cause issues. I suspect it is because the applications are more flexible on ports than the rules allow for. And the drop invalid runs into issues with timeout in the firewall. If a connection is up but inactive for over 60 seconds, the firewall drops it, leading subsequent communication to be dropped.

>
> - unnecessary things in it [if it contains any, like are there
> solutions for writing multiple destination IPs in one line?]
> - missing thing, that could be in a firewall, to make it
> _SAFER/BETTER_!

Why are you using multiple destinations for the http and https rule instead of having two different rules?

>
> TODO's/Q's [please help!]:
> 1) where do I have to put the "iptables-restore FROMTHEFILE" command
> [to set the firewall when e.g.: booting the PC] on Fedora?

/etc/sysconfig/iptables

Make the firewall you want and then run iptables-save and it will be stored there.