HelpNet Security: Commenting a firewall
Jul 28, 2001, 21:16
(Other stories by Aleksandar Stancin)
[ Thanks to LogError for this link. ]
"Now, in order to use it you'll have to upgrade to a
2.4.x kernel, and compile the support for iptables in it. So, go to
/usr/src and find your kernel source. Notice that the location may
vary, but in most cases it is /usr/src. By typing 'make menuconfig'
you can get to the options that are needed for iptables. Select all
necessary, save changes and exit. From there it's pretty much the
same old story (make dep, make clean...). If you're new to kernel
compilation, you can read more on it in my older article, which can
be found here.
Notice: use the latest version of iptables, which is iptables
1.2.2. Some older versions had some security flaws due to code
vulnerabilities. Newer versions have this bug fixed. Also, I would
advise you to frequently read news at the Netfilter homepage for
updates and bug reports.
If you're familiar with ipchains, you should be able to easily
manipulate the iptables syntax. If not, feel free to read
- SecurityPortal: Ask Buffy - Blocking Internet Access, Apache Proxy Request (May 13, 2001)
- Help-Net Security: Start your day with a cup of DoS (Apr 28, 2001)
- LinuxNewbie.org: Iptables Basics NHF (Apr 17, 2001)
- Linux Journal: Building a Bridging Firewall with Linux (Mar 18, 2001)
- Making your Linux router fit in with CISH (Mar 11, 2001)
- Canada Computes: A Little Security in an Insecure World (Feb 24, 2001)
- LinuxNewbie.org: Easy Internet Sharing NHF: VERSION 1.0 (Feb 19, 2001)
- LinuxSecurity.com: Linux Kernel 2.4 Firewalling Matures: netfilter (Feb 15, 2001)
- Security Portal: Firewalls - The Network Filter and Proxy (Feb 14, 2001)