Re: [gentoo-dev] NAT iptables info

public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed

From: Chad Huneycutt <chad.huneycutt@acm.org>
To: gentoo-dev@cvs.gentoo.org
Subject: Re: [gentoo-dev] NAT iptables info
Date: Mon Oct  1 20:29:01 2001	[thread overview]
Message-ID: <3BB926B7.1030805@acm.org> (raw)
In-Reply-To: 3BB8D91C.C52CDE0C@gentoo.org

Donny Davies wrote:

>To provide some kind of gentoo firewall is, hmm, well silly. Its %100
>configuration. This is not the domain of a 'package', 'rpm' or ebuild. 
>
I don't completely agree with this.  While questions like "How do I set 
up a firewall?" are not completely germaine to this mailing list, the 
above statement is your opinion and open for discussion here.  I think 
that it is a very good idea to provide several basic scripts for common 
configurations.  If they are already out there, then great!, we should 
include them in an ebuild.  It is a much better policy to have the 
network default to a secure state (such as the Rusty's script that 
allows no incoming connections) than to leave it wide open, and let the 
potentially newbie sysadmin get hacked.

It would be nice to bring up a semi-secure,  masquerading (or whatever 
they are calling it these days)  firewall box with little effort.  From 
there, one can learn about iptables and such things to customize it further.

Just some thoughts from someone who hasn't delved into iptables yet,

   Chad

next prev parent reply	other threads:[~2001-10-02  2:28 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-10-01 15:02 [gentoo-dev] NAT iptables info Donny Davies
2001-10-01 17:01 ` AW: " Sebastian Werner
2001-10-01 20:29 ` Chad Huneycutt [this message]
2001-10-02  4:13 ` Djamil ESSAISSI
  -- strict thread matches above, loose matches on Subject: below --
2001-10-03 13:15 Sherman Boyd
2001-10-03 13:39 Donny Davies
2001-10-03 13:46 ` Michael M Nazaroff
2001-10-03 18:12   ` Collins Richey
2001-10-03 13:53 Sean Mitchell
2001-10-04  4:54 ` Djamil ESSAISSI
2001-10-04 13:29   ` Daniel Robbins
2001-10-04 14:31     ` Nathaniel Grady
2001-10-05  3:47     ` Djamil ESSAISSI
2001-10-05 10:28       ` Daniel Robbins
2001-10-04 14:48 Sherman Boyd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3BB926B7.1030805@acm.org \
    --to=chad.huneycutt@acm.org \
    --cc=gentoo-dev@cvs.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox