On 28/09/05, James Pifer jep@obrien-pifer.com wrote:
Wondering if anyone is willing to give me a little assistance with some firewall rules. I think what I'm looking for is fairly simple, and I've been trying to use webmin's firewall module without success.
I have a web server that I'd like to open up port 80 and forward a specific port for a select number of allowed IPs. That's it. Everything else is dropped.
allow: port 80
allow: forward port 8000 for x.x.x.x to y.y.y.y
Anyone willing to assist with the rules? And lastly, how would I apply it in a way that it will always be in effect? If the machine reboots for example.
Have a look at the bastion firewall setup examples from the O'Reilly Linux Server Security book at http://examples.oreilly.com/linuxss2/
They should point you in the right direction. As for starting across reboots, I'd place the script either in root's home or somewhere else normal users can't get to and run it from /etc/rc.d/rc.local
Will.
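
The ruleset asked for in this thread, written out as an added example (not from either poster and not taken from the O'Reilly scripts). The addresses are constructed placeholders standing in for x.x.x.x and y.y.y.y, and the MASQUERADE rule assumes y.y.y.y does not route its replies back through this host.

```shell
#!/bin/sh
# Added example: default-drop ruleset emitted in iptables-restore format.
# All addresses are constructed placeholders, not values from the thread.
ALLOWED_IPS="192.0.2.10 192.0.2.11"   # clients allowed to use the forward (x.x.x.x)
FWD_DEST="10.0.0.5"                    # host that receives port 8000 (y.y.y.y)
FWD_PORT=8000

build_rules() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    for ip in $ALLOWED_IPS; do
        echo "-A PREROUTING -s $ip -p tcp --dport $FWD_PORT -j DNAT --to-destination $FWD_DEST:$FWD_PORT"
    done
    # Assumption: replies from FWD_DEST would otherwise bypass this host.
    echo "-A POSTROUTING -d $FWD_DEST -p tcp --dport $FWD_PORT -j MASQUERADE"
    echo "COMMIT"
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # No SSH rule here: add one for your admin address before applying remotely.
    echo "-A INPUT -p tcp --dport 80 -j ACCEPT"
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for ip in $ALLOWED_IPS; do
        echo "-A FORWARD -s $ip -d $FWD_DEST -p tcp --dport $FWD_PORT -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset for review by default; load it only when APPLY=1 (needs root).
if [ "${APPLY:-0}" = "1" ]; then
    echo 1 > /proc/sys/net/ipv4/ip_forward   # forwarding is off by default
    build_rules | iptables-restore
else
    build_rules
fi
```

To follow the reply's suggestion for reboots, keep the script somewhere only root can read and call it with `APPLY=1` from /etc/rc.d/rc.local.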