ubuntu on firewalls
Karl Auer
kauer at biplane.com.au
Mon Mar 2 17:47:04 UTC 2009
On Mon, 2009-03-02 at 12:25 -0500, Matthew Flaschen wrote:
> > I'd like to know if there is any specific "fork" of ubuntu for firewalls and
> Certainly, you can use Ubuntu Server as a firewall.
> [...]
> you shouldn't need anything
> outside the repos to setup even a fairly complex firewall.
Very few of the repo solutions know about IPv6 (in fact, I'm not sure
any of them do). Which means IPv6 will pass through your interfaces
unhindered and unseen :-)
Firewall Builder 3 is the only one that I know for a fact fully supports
ip6tables, because I use it! It is in the repos, but the version in the
repos does not (or does not properly) support IPv6.
You need at least nightly build 770. FWBuilder is distributed as a .deb
among other things, so it integrates nicely with Ubuntu, or you can
build from a tarball, which is also fairly straightforward.
http://www.fwbuilder.org/nightly_builds/fwbuilder-3.0/
If you have no interest in IPv6 (which would be extremely shortsighted
of you these days), the net abounds with ways to turn it off. Or you can
just block it completely with a handwritten three-line script to set the
policy to DROP.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
GPG fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090303/dfc0645b/attachment.sig>
More information about the ubuntu-users
mailing list