11-06-2001
Consider using a 2.4 kernal so that you can take advantage of iptables which is easier and more powerful. You can do a lot of things in iptable much more simply than ipchains, and since it is session based (unlike ipchains which is sessionless) it can detect some attacks much better than ipchains.
10 More Discussions You Might Find Interesting
1. Cybersecurity
Hello,
I in the process of installing a firewall. I'm new to this topic and would like to know if someone can point me in the right direction.
I'm running Solaris 8.
Thanks in advance. (2 Replies)
Discussion started by: sunoracle
2 Replies
2. Shell Programming and Scripting
plz help me, i need to configure my firewall with using shell script, i am using unix fedora 9. thanks ppl. replys would be great. (1 Reply)
Discussion started by: king_jon85
1 Replies
3. Shell Programming and Scripting
HI All,
I need a script to reboot a linux box from a windows box.
The script needs to run automatically whenever a sitescope alerts with an error message.
Have searched for this in the forums, but could not get something relative.
Pls. let me know the various alternatives we have to do... (2 Replies)
Discussion started by: Crazy_murli
2 Replies
4. UNIX for Dummies Questions & Answers
I am a novice to linux and unix and command line, I am willing to jump in head first. I have a couple older computers, one is a dell XPS with a P2 Proccessor and th other is a old old sony VIAO. I have a small home network 3 computers...i have my DSL modem then thats connected to my wireless... (2 Replies)
Discussion started by: Tabryan07
2 Replies
5. UNIX for Advanced & Expert Users
Hi all,
I need to send mail to a particular email id using a local mail server.This mail shall contain the content of a file. I don't have any idea how to do it. Can anyone guide me ,where to start proceeding for it. Any guide or study material would appreciated. (1 Reply)
Discussion started by: amit_kv1983
1 Replies
6. Cybersecurity
HI all,
I have setup IPTables firewall/Router and my home network, with address space 192.168.10.XXX
Form my private network hosts, i can ping the gateway ( 192.168.10.101 ) , but the reverse is not happening.
Can someone help me as of what i need to do, so that i can ping my private... (1 Reply)
Discussion started by: chandan_m
1 Replies
7. Cybersecurity
Hello,
I am currently using a Sonicwall firewall to protect a class C network of public IP addresses. The sonicwall allows me to specify which IP's will be on the DMZ port and the remainder are on the LAN port by default. I would like to replace this Sonicwall with a linux box and use iptables... (3 Replies)
Discussion started by: richard987
3 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I've been able to mount my linux box to a windows machine, but I can't seem to mount my linux box to another linux box I have. (I know I could scp, but for other reasons I need to do it this way) Samba is installed.
Here is an example where I mount to a Win machine.--> works fine
mount... (12 Replies)
Discussion started by: jdilts
12 Replies
9. Red Hat
Hi
I have a linux box and need to access from windows graphically
# uname -a
Linux pc-l416116 2.6.18-155.el5 #1 SMP Fri Jun 19 17:06:47 EDT 2009 i686 i686 i386 GNU/Linux
What components do I need to install on Linux and windows to do that?
TIA (6 Replies)
Discussion started by: magnus29
6 Replies
10. How to Post in the The UNIX and Linux Forums
Hello my dear friends,
Two file are auto generated from mon - fri at different directories on same windows box.Every day i have to copy the file, rename it (specific name)and ftp it to linux box specified directory.
is it possible to automate this process,If yes this has to be done from windows... (1 Reply)
Discussion started by: umesh yadav
1 Replies
LEARN ABOUT OPENSOLARIS
ipfilter.conf
NETSCRIPT-2.2.conf(5) File Formats Manual NETSCRIPT-2.2.conf(5)
NAME
/etc/netscript/network.conf - interface, firewalling, and QoS configuration file.
/etc/netscript/if.conf - interface setup shell script file
/etc/netscript/qos.conf - QoS setup shell script file
/etc/netscript/ipfilter.conf - IP chains filtering shell script file
/etc/netscript/srvfilter.conf - server IP filter shell script file
DESCRIPTION
This manpage is a place holder until something better is written when the netscript itself has stopped changing rapidly.
Please see the README file in the /etc/netscript directory, and READ the configuration files if you need to change them. Apart from net-
work.conf, all of them contain sh (1) shell script functions which are there so that various things can be altered or hooked in at the
right place. Network.conf contains the full network setup details, including special interface setup for the likes of ciped/pppd/wanconfig,
and is fully commented with examples given.
UPGRADE PATH FROM KERNEL 2.2.X
The firewall/IP filtering stuff in ipfilter.conf is the part that changed radically with the move to iptables and a far better way of set-
ting up the IP filtering rules, however the QoS and interface startup/shutdown in if.conf have changed but are backwards compatible with
the old 2.2.x ipchains version of netscript for the interface address configuration settings. You will have to set up the filtering again
to use iptables by directly using the iptables commands.
Also, the kernel 2.2.x version scripts are set up so that iptables is only run on a 2.4.x kernel, otherwise IP forwarding is disabled if
beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.
This means that when you upgrade a box to a 2.4.x router kernel, you should then be able to reboot it and log into remotely and upgrade
netscript to the version that will support 2.4.x. In this situation, if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand
in network.conf, all IP forwarding through the box will also be disabled. This means that you can safely remotely upgrade a firewall.
SEE ALSO
netscript(8), ipchains(8), iproute(8), brcfg(8).
AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).
BUGS
The author is lazy. He needs to write btter man pages...
November 23, 2000 NETSCRIPT-2.2.conf(5)