[CLUE-Tech] a more sophisticated firewall?
Dave Anselmi
anselmi at americanisp.net
Sun Dec 23 11:10:01 MST 2001
Dave Price wrote:
> team,
>
> i have looked thru the docs, and a couple of features I would like for
> my firewall still elude me.
>
> 1> denying any connections from specific IP addresses / ranges. Just
> drop the connection and log the attempt - mostly for my ninja-ridden
> qwest neighbors who keep trying to connect.
>
> 2> passing specific ports to 'private' addresses inside the firewall. I
> have NAT working, but I would like to start passing SMTP and WWW ports
> to boxes behind the NAT.
Both are covered well (IMO) in Rusty's guides (there are 2, packet filter
for question 1 and NAT for question 2).
http://netfilter.samba.org/unreliable-guides/
I hope to help people with this at the next installfest. That means I
should put together a machine with some probing and sniffing tools, which I
probably won't get to :-(
Dave
More information about the clue-tech
mailing list