Categories:
-
3d 96 articles
-
animations 16 articles
-
architecture 47 articles
-
blender 98 articles
-
bédé 19 articles
-
techdrawing 24 articles
-
freecad 183 articles
-
gaming 1 articles
-
idsampa 8 articles
-
inthepress 8 articles
-
linux 57 articles
-
music 1 articles
-
nativeifc 24 articles
-
opensource 260 articles
-
orange 4 articles
-
photo 16 articles
-
projects 35 articles
-
receitas 176 articles
-
saopaulo 18 articles
-
sketches 162 articles
-
talks 25 articles
-
techdrawing 24 articles
-
textes 7 articles
-
trilhas 3 articles
-
urbanoids 1 articles
-
video 47 articles
-
webdesign 7 articles
-
works 151 articles
Archives:
-
2007 22 articles
-
2008 32 articles
-
2009 66 articles
-
2010 74 articles
-
2011 74 articles
-
2012 47 articles
-
2013 31 articles
-
2014 38 articles
-
2015 28 articles
-
2016 36 articles
-
2017 41 articles
-
2018 46 articles
-
2019 59 articles
-
2020 18 articles
-
2021 20 articles
-
2022 7 articles
-
2023 25 articles
-
2024 7 articles
Simple firewall
This is a very simple firewall I was once taught by my friend Fabio. Just copy these lines in a blank file, make it executable, and have it executed some time during your init process. My favorite way is to add this in /etc/network/interfaces:
auto eth1iface eth1 inet staticaddress 192.168.0.1netmask 255.255.255.0post-up /etc/network/if-up.d/firewall.shThis is the firewall script:
#!/bin/sh# Cleans the iptablesiptables -F# Enables internet connection sharingmodprobe iptable_natiptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADEecho 1 > /proc/sys/net/ipv4/ip_forward# Opens some ports (22=SSH, 1080=Socks)iptables -A INPUT -p tcp --destination-port 22 -j ACCEPTiptables -A INPUT -p tcp --destination-port 1080 -j ACCEPT# Allows localhost everywhere iptables -A INPUT -s 127.0.0.1 -j ACCEPTiptables -A OUTPUT -s 127.0.0.1 -j ACCEPT# Opens local networkiptables -A INPUT -p tcp --syn -s 192.168.0.0/255.255.255.0 -j ACCEPT# Closes everything elseiptables -A INPUT -p tcp --syn -j DROP