On Sunday 21 December 2003 7:07 am, Andrea Tasso wrote:
> hello, these are my naive questions, I am a newbie:
>
> I need to firewall my homebrew linux boxes, say to close everything I can
> to/from outside (internet), and do everything inside my vpn. On the
> FIREWALL machine I also run some server whose services/ports must keep to
> be accessible to/from outside. Those kinds of connections I need to do also
> to servers outside. All the machines of the VPN need to be free to surf the
> outside internet. So also masquerading and forwarding are needed.

I don't really see anything about this setup which is not dealt with very
well by the tutorials available at
http://www.netfilter.org/documentation/index.html#tutorials

The only thing I would say about the protocols marked with "?" on your
diagram is that DNS uses TCP port 53 and UDP port 53; it does not use
port 42.

I can't understand why you have marked the DSL router with "?" as this is
nothing to do with the netfilter setup.

It would help us greatly if you could read one of the tutorials, use a
ruleset which you think will do (part of) what you want, and then tell us
if you are having specific problems afterwards.

Read the documentation - it really is good, and it will not only give you
good examples of what to do, but help you understand why it works as well.

Regards,

Antony.

--
Behind the counter a boy with a shaven head stared vacantly into space, a
dozen spikes of microsoft protruding from the socket behind his ear.

 - William Gibson, Neuromancer (1984)

Please reply to the list; please don't CC me.
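The reply points the asker at the netfilter tutorials rather than giving a ruleset. As an added example (not part of the original thread, and not from netfilter's own documentation), here is a minimal iptables-restore ruleset matching what the question describes: default DROP on every chain, a few services on the firewall reachable from outside, the internal VPN network forwarded and masqueraded to the Internet, and DNS allowed on TCP and UDP port 53 (not port 42). The interface names (`ppp0`, `eth1`), the internal prefix `192.168.1.0/24` and the exposed TCP ports are assumptions; adjust them to the real machine.

```shell
#!/bin/sh
# Added example, not the mailing-list author's ruleset.
# Generates an iptables-restore file for: default DROP, selected services
# on the firewall itself, LAN -> Internet forwarding with masquerading,
# and DNS on both TCP/53 and UDP/53.

WAN=${WAN:-ppp0}                      # interface towards the DSL router (assumed)
LAN=${LAN:-eth1}                      # interface towards the internal/VPN hosts (assumed)
LAN_NET=${LAN_NET:-192.168.1.0/24}    # internal network (assumed)
FW_SERVICES=${FW_SERVICES:-"22 80"}   # TCP ports served by the firewall box (assumed)

gen_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -i $LAN -s $LAN_NET -j ACCEPT
EOF
    # Services on the firewall that must stay reachable from the outside.
    for p in $FW_SERVICES; do
        echo "-A INPUT -i $WAN -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    cat <<EOF
-A OUTPUT -o $WAN -p tcp --dport 53 -m state --state NEW -j ACCEPT
-A OUTPUT -o $WAN -p udp --dport 53 -m state --state NEW -j ACCEPT
-A OUTPUT -o $WAN -p tcp -m multiport --dports 22,80,443 -m state --state NEW -j ACCEPT
-A OUTPUT -o $LAN -j ACCEPT
-A FORWARD -i $LAN -o $WAN -s $LAN_NET -m state --state NEW -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $WAN -s $LAN_NET -j MASQUERADE
COMMIT
EOF
}

# Sanity check: DNS must be permitted on both TCP and UDP (expect 2 rules).
count_dns_rules() {
    gen_ruleset | grep -c -- '--dport 53'
}

# Load atomically; forwarding must be switched on or FORWARD never sees a packet.
apply_ruleset() {
    echo 1 > /proc/sys/net/ipv4/ip_forward
    gen_ruleset | iptables-restore
}

# Usage: sh fw.sh > rules.txt to review; sh fw.sh apply (as root) to load.
[ "${1:-}" != "apply" ] || apply_ruleset
```

Replies to outbound and forwarded connections come back through the ESTABLISHED,RELATED rules, so only NEW connections need explicit permission; that is also why the FORWARD chain accepts only NEW traffic leaving the LAN and nothing originating on the WAN side. Review the generated file before loading it, since a default-DROP OUTPUT chain will silently break any client protocol you forgot to list.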