[ltp] about iptables ??

Tod Harter linux-thinkpad@linux-thinkpad.org
Mon, 25 Aug 2003 10:58:37 -0400 

What are you trying to accomplish?

If you want to do something really simple like maybe just IP masq another 
machine behind yours the best way is to set things up by hand. There is an IP 
MASQ howto (sorry I seem to have lost the bookmark but its pretty easy to 
find). The general procedure is to issue your iptables commands (use 
iptables, not ipchains generally speaking) and then do an 

iptables-save >/etc/sysconfig/iptables

then in /etc/sysctl.conf set net.ipv4.ip_forward = 1

and reboot.

I don't know of a GUI that gives you access to these settings.

If you want to set up something more complex then I would go with a 
higher-level tool. There are a few tools available for setting up packet 
filtering/basic firewall like shorewall (which is pretty high end really for 
most people). 

If you need serious firewalling, I'd go with something besides MDK though, its 
a good general purpose distro but not really optimum for this kind of thing. 
Smoothwall kicks ass and its MUCH easier to manage.

On Monday 25 August 2003 01:55 am, Burcu Yasuk wrote:
> Hello All,
>
> I need a document about how iptables work on mandrake 9.1 and how I can
> activate and install rules with iptablesAnyone can help me ?
>
> Best regards,----------------------------------------------------------
> The information contained in this communication is intended solely for the
> use of the individual or entity to whom it is addressed and others
> authorized to receive it.   It may contain confidential or legally
> privileged information.   If you are not the intended recipient you are
> hereby notified that any disclosure, copying, distribution or taking any
> action in reliance on the contents of this information is strictly
> prohibited and may be unlawful. If you have received this communication in
> error, please notify us immediately by responding to this email and then
> delete it from your system. Ernst & Young is neither liable for the proper
> and complete transmission of the information contained in this
> communication nor for any delay in its receipt.
>
> Note: If you have received a delivery failure report, it may be due to the
> change in the Ernst & Young e-mail domain from "eyi.com" to "ey.com".
> Could you please make the necessary amendment, if required, and resend the
> message.

-- 
Tod Harter
Giant Electronic Brain
http://www.giantelectronicbrain.com