From: "Dave Nebinger" <dnebinger@joat.com>
To: <gentoo-user@lists.gentoo.org>
Subject: RE: [gentoo-user] iptables example on Gentoo
Date: Tue, 06 Sep 2005 13:39:53 -0400 [thread overview]
Message-ID: <00ce01c5b309$febb1c00$4501010a@jnetlab.lcl> (raw)
In-Reply-To: <loom.20050906T182657-904@post.gmane.org>
> I've been trying to build a simple firewall with a DMZ for a
> web server.
Dude, trying to use iptables directly was your first mistake.
Take a spin out and look at shorewall (I'm sure others have different
recommendations).
Shorewall will get you up and running in no time and will easily handle the
configuration stuff from your original post.
Trying to manage such a complex config using iptables directly is doomed to
failure; any mistake in ordering of rules, etc., will break your
connectivity. Sticking with a tool like shorewall will simplify rules
maintenance and pose less of a problem when performing updates later on.
Dave
--
gentoo-user@gentoo.org mailing list
next prev parent reply other threads:[~2005-09-06 17:43 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-06 17:22 [gentoo-user] iptables example on Gentoo James
2005-09-06 17:39 ` Dave Nebinger [this message]
2005-09-06 17:53 ` Holly Bostick
2005-09-06 18:25 ` [gentoo-user] " James
2005-09-06 19:04 ` Dave Nebinger
2005-09-06 20:00 ` James
2005-09-06 20:39 ` Dave Nebinger
2005-09-07 0:02 ` gentuxx
2005-09-07 1:20 ` W.Kenworthy
2005-09-07 13:08 ` Dave Nebinger
2005-09-07 17:06 ` James
2005-09-07 18:14 ` Holly Bostick
2005-09-07 19:11 ` James
2005-09-07 19:53 ` Dave Nebinger
2005-09-08 18:14 ` James
2005-09-08 19:30 ` kashani
2005-09-07 20:09 ` Holly Bostick
2005-09-07 18:40 ` gentuxx
2005-09-07 19:29 ` James
2005-09-07 19:56 ` gentuxx
2005-09-07 20:49 ` Dave Nebinger
2005-09-07 18:48 ` Dave Nebinger
2005-09-07 22:08 ` James
2005-09-07 23:51 ` gentuxx
2005-09-08 1:23 ` James
2005-09-08 9:20 ` Neil Bothwick
2005-09-08 17:43 ` James
2005-09-08 16:19 ` James
2005-09-08 16:42 ` Dave Nebinger
2005-09-09 9:44 ` Michael Kintzios
2005-09-09 13:38 ` Dave Nebinger
2005-09-08 17:35 ` Neil Bothwick
2005-09-09 0:52 ` Jerry McBride
2005-09-07 23:52 ` Rumen Yotov
2005-09-07 18:48 ` James
2005-09-07 19:44 ` [gentoo-user] " Bryan Whitehead
2005-09-08 1:34 ` [gentoo-user] " James
2005-09-08 15:37 ` Rumen Yotov
2005-09-09 11:19 ` [gentoo-user] " Timo Boettcher
2005-09-09 14:23 ` Dave Nebinger
2005-09-10 17:04 ` Timo Boettcher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='00ce01c5b309$febb1c00$4501010a@jnetlab.lcl' \
--to=dnebinger@joat.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox