mobility and firewall
Christoph Georgi
christoph.georgi at web.de
Thu Jun 2 18:43:55 CDT 2005
You could write a simple iptables script that only allows connection
establishment from your notebook for a limited number of services:
Default Policy: DROP
Allow only ESTABLISHED and RELATED for incoming traffic
Allow outgoing connections only to port http, https, smtp, pop3, ...
Additionally you might want to specify the processes that are allowed to
connect to services.
You do not need to specify the interfaces, i.e. rules can be designed to
be applicable for all interfaces.
If you require some assistance, feel free to contact me.
regards
christoph
Lance Lassetter wrote:
> Hi,
>
> It seems some sort of *recommended* simple firewall solution should be
> in place. I.e: for laptop users who are very mobile and connecting to
> multiple networks that may be infected with some sort of worm/virus.
>
> I have yet to find a solution when assigned multiple ip addresses and
> using multiple connection methods, like ppp0, eth0, ath0, wlan0.
>
> Something like Red Hat's lokkit would be nice, however lokkit itself
> writes entries for the DNS servers.
>
> So what I'm asking is a simple firewall solution that can be implemented
> before multiple interfaces come up.
>
> Thanks,
>
> Lance(stuNNed)
>
>
>
--
Christoph Georgi
-----------------------------
email. christoph.georgi at web.de
fon. +64 (0)9 815 8259
registered linux user #380268
ubuntu 5.04 (ubuntu.com)
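
The policy outlined in the reply above, sketched as an added example that is not part of the original message. The function name, the numeric default ports, the loopback exception and the DNS rules are assumptions of this example, and the owner match restricts by local user rather than by process.

```sh
#!/bin/sh
# gen_ruleset [TCP_PORTS] [OWNER_USER]  (hypothetical helper, added example)
#   TCP_PORTS   destination ports; default 80 443 25 110 (http https smtp pop3)
#   OWNER_USER  optional local user allowed to open those connections
# Apply as root before any interface comes up: gen_ruleset | iptables-restore
gen_ruleset() {
    ports=${1:-"80 443 25 110"}
    # Validate everything first so bad input never yields a partial ruleset.
    case ${2:-} in
        *[!A-Za-z0-9_-]*) echo "invalid user: $2" >&2; return 1 ;;
    esac
    for p in $ports; do
        case $p in
            ''|*[!0-9]*|??????*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    # The owner match keys on the socket's user, not on a process name.
    owner=${2:+"-m owner --uid-owner $2 "}
    # Default policy DROP; only loopback is tied to an interface (assumption),
    # so the same rules cover ppp0, eth0, ath0, wlan0 whenever they appear.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # DNS is an assumption added here; the listed services need name lookups.
    for proto in udp tcp; do
        printf '%s\n' "-A OUTPUT -p $proto --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $ports; do
        printf '%s\n' "-A OUTPUT -p tcp --dport $p ${owner}-m conntrack --ctstate NEW -j ACCEPT"
    done
    echo COMMIT
}
```

Because the ruleset is loaded atomically by iptables-restore and names no physical interface, it can be installed at boot and stays in force as addresses and links change.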
More information about the ubuntu-devel mailing list