

I found it easier to understand the resultant firewall configuration script and also found it easier to express my intentions. My goal is to show a simple firewall example that has a waterfall style in default groups only. The SuSE firewall configuration and resultant scripts use multiple custom groups of rules. That’s an advantage if the distribution-included firewall features don’t quite give you what you need. The set of functionality is broad and the configuration method very expressive. Verifying that the resultant firewall adequately secures the relevant hosts is left as an exercise for the reader. Even though it’s hard to get to grips with, iptables/NetFilter is fabulously cool.

The following is offered as documentation of simple firewall configuration using iptables. In the end I figured out what I needed using a VMware virtual machine running SuSE Linux Pro 10.0. There’s a lot of scattered information about iptables that can be found using your favourite search engine, but none of it quite taught me what I needed to know. The iptables man pages are really a documentation of syntactical detail of the iptables command line and don’t provide guidance on composition of a firewall from a series of rules. There’s nothing wrong with them, but I couldn’t get quite the configuration I wanted and chose to create configurations manually. Most major Linux distributions, SuSE ones included, feature some user interface for firewall configuration.
