From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id F0370138B19 for ; Tue, 19 Feb 2013 20:13:04 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 860F921C023; Tue, 19 Feb 2013 20:12:53 +0000 (UTC) Received: from mail-wi0-f179.google.com (mail-wi0-f179.google.com [209.85.212.179]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id ED06BE04D6 for ; Tue, 19 Feb 2013 20:12:51 +0000 (UTC) Received: by mail-wi0-f179.google.com with SMTP id ez12so5343105wid.6 for ; Tue, 19 Feb 2013 12:12:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:from:reply-to:to:subject:date:user-agent:references :in-reply-to:mime-version:content-type:content-transfer-encoding :message-id; bh=naV2/mvrozq8mcRgQD1SF9GgdP1eerMBErHBswjzQJs=; b=vHfeoEyA1/Dkd94Igcd4EX63nd6o/tkEo7pBKYcHNq5+tWujW2InZyvZbboPlo/9dY qmTJmGrJ9ZghJ7fnbePmeXIgEBcmkK5GDyGYACnWy9NrdxpsScE/CxBq+8Nmtq7mjR7W 5K2886OGHkpY1fEN3piDzUrZicWAxmMXSoXLpyE2Uj2wn3TkUpGLBwQvA8Bo97dY3PsQ hzp6AhuoPFaCGfOMhq/ZaZP43bc6lsIak2HEDYdjilsx6wlOiOGvkov6PCxLY7TdyYMl 6dfUzq0E7XaquLy+ytjb23WIrMg1Q1sP48YWmsq3Y/f+8DZ2JwYN9lxDY9S+kJnz+OMj QkWg== X-Received: by 10.180.93.168 with SMTP id cv8mr28206474wib.5.1361304770603; Tue, 19 Feb 2013 12:12:50 -0800 (PST) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230]) by mx.google.com with ESMTPS id dw1sm29957510wib.5.2013.02.19.12.12.49 (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 19 Feb 2013 12:12:49 -0800 (PST) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: firehol + gentoo 3.6.11 kernel.... Date: Tue, 19 Feb 2013 20:12:15 +0000 User-Agent: KMail/1.13.7 (Linux/3.6.11-gentoo; KDE/4.9.5; x86_64; ; ) References: <5122D698.7090606@googlemail.com> In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart4730502.89UzB1kVYq"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <201302192012.28134.michaelkintzios@gmail.com> X-Archives-Salt: 539958bf-3710-416f-9d28-26030d186a55 X-Archives-Hash: 5bb9405649e212e4f929deac8ea7df2d --nextPart4730502.89UzB1kVYq Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Tuesday 19 Feb 2013 16:20:20 James wrote: > Alon Bar-Lev gentoo.org> writes: > > Yes, I use it. > > Just enable all non experimental iptables settings at kernel including > > NAT. >=20 > A while back, Mick posted on some updates to Arno's firewall work: >=20 > net-firewall/arno-iptables-firewall >=20 > I do not have the info handy, but you could google it > or maybe mick can post the link again.... >=20 > I found Arno's approach very instructive for rule making, > research and as a reference. >=20 > That said, firewalls and transparent bridges are moving forward > at the speed of light. Many new featuures in the kernel > as wells a different approaches to security. If you intend > to "hack" in this area, you need to get current and find a > compatible group for the latest information.... >=20 > good hunting.....as it is very time consuming >=20 > ymmv, > James Here it is, I'm just trying the latest ~2.0.1d version as we speak, which a= lso=20 includes IPv6 rules: http://rocky.eld.leidenuniv.nl/joomla/index.php?option=3Dcom_content&view= =3Darticle&id=3D45&Itemid=3D63 =2D-=20 Regards, Mick --nextPart4730502.89UzB1kVYq Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEABECAAYFAlEj3KwACgkQVTDTR3kpaLY+4ACg07L4hRzBoaXrqYs35pDoFSjI 8b4AoJ3/qgpbxbIjPprxge/czwdMUeGn =AU9P -----END PGP SIGNATURE----- --nextPart4730502.89UzB1kVYq--