[TriLUG] using a Linux box as a pass-through filter

Ben Pitzer uncleben at mindspring.com
Mon Dec 20 15:39:06 EST 2004


Dan,

I know there are quite a few folks here who think that any OS outside of
OpenBSD is just begging to be cracked, but frankly I'm pretty satisfied with
my Debian box, running exactly the config you're talking about.  It's been
doing so for at least 3 years now, and no problems.  I could share my
(underlying) iptables rule set with you, if you like.  It's rather easy once
you have the framework down, in my experience.  I set mine up using an
article in Linux Magazine as a reference, and their sample config as a basis
for my own rules.

Let me know if you would like to see my iptables rules.  My experiences with
*BSD have been (much) less than satisfying, so if you have similar
experiences, and wish to turn back, I'd be happy to help you get this up and
running under Linux.

Regards,
Ben Pitzer

---------------------------------------------

"Those that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
 --Ben Franklin--




> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> Behalf Of Dan Monjar
> Sent: Monday, December 20, 2004 8:55 AM
> To: TriLug
> Subject: [TriLUG] using a Linux box as a pass-through filter
>
>
> An idea I had late last night while I listened to the wind howl... would
> it be possible to set up a Linux box with two NICs and use various
> firewall rules to filter traffic and ports... the possible gotcha is
> that I don't want either NIC to have an IP address.  I want to take
> traffic in on one port, analyze and drop unwanted packets and then push
> the acceptable traffic out through the other NIC.
>
> I want an in-line filter...
>
> I wish everyone on the list a Happy and Safe Holiday season.
> --
> Dan Monjar



