On Wed, 2011-05-04 at 18:01 -0500, Harry Putnam wrote:
> Setup: Running Gentoo Linux
> Iptables and many related parts compiled into kernel
>
> Can anyone offer well used and vouched for URLs to iptables scripts
> for a starter firewall setup?

There's plenty of stuff out there if you Google, but if you tell us
exactly what you want to achieve then we will suggest something.

A good starting point for a basic firewall is to block all incoming
unrelated requests, but let everything out. Not particularly
comprehensive, but it may suit your needs:

    iptables -A INPUT -i $ext_IF -m state \
        --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i $ext_IF -j DROP

You may also want to do FORWARD if you use this as a gateway:

    iptables -A FORWARD -i $ext_IF -m state \
        --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $ext_IF -j DROP

Andy
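
Added example, not part of the original message: the two rule pairs from the reply, emitted in iptables-restore format so they can be syntax-checked and loaded in one step instead of rule by rule. The function name `gen_rules`, its `host`/`gateway` argument and the interface name `eth0` are assumptions made for this illustration.

```shell
#!/bin/sh
# gen_rules EXT_IF [host|gateway]
# Prints the reply's rules in iptables-restore format. Chain policies stay
# ACCEPT, as in the reply, so outbound traffic and other interfaces (lo, LAN)
# are untouched; only packets arriving on EXT_IF are filtered.
gen_rules() {
    ext_if=${1:-}
    mode=${2:-host}

    # An empty or malformed interface name would produce a broken rule,
    # so reject it before emitting anything.
    case $ext_if in
        ''|*[!A-Za-z0-9_.+-]*)
            echo "gen_rules: bad interface name: '$ext_if'" >&2
            return 1 ;;
    esac
    case $mode in
        host|gateway) ;;
        *) echo "gen_rules: mode must be host or gateway" >&2
           return 1 ;;
    esac

    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'
    echo ':FORWARD ACCEPT [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Replies to connections this machine opened are let back in first...
    echo "-A INPUT -i $ext_if -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # ...then everything else arriving on the external interface is dropped.
    echo "-A INPUT -i $ext_if -j DROP"
    if [ "$mode" = gateway ]; then
        echo "-A FORWARD -i $ext_if -m state --state ESTABLISHED,RELATED -j ACCEPT"
        echo "-A FORWARD -i $ext_if -j DROP"
    fi
    echo 'COMMIT'
}

# Demo with a placeholder interface name (assumption: eth0 faces outside).
# Syntax check without loading:  gen_rules eth0 | iptables-restore --test
# Load as root (replaces the current filter table):
#   gen_rules eth0 | iptables-restore
gen_rules eth0 gateway
```

Unlike the `-A` commands in the reply, which append to whatever is already loaded, piping this into iptables-restore replaces the existing filter table.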