[plug] PPC firewall question

Adam Hewitt ahewitt at globaldial.com
Tue Sep 9 08:52:29 WST 2003


If I were you I would read the firewall howto and learn how to use
iptables commands yourself. This will be much more benficial than using
a program to do it for you, and you will end up with a much more
tailored and secure system when you know exactly what its doing.

Oh, and I would take a linux firewall over a pix anyday ;)

Adam

On Mon, 2003-09-08 at 23:50, Chris Caston wrote:
> I don't think I've got any replies yet.
> 
> At the moment I'm just playing around sshing into the machine and
> working out ipchains.I think I'm going with seawall at least to learn
> more about it. 
> 
> I should also mention that the machine is 200hmz with 32mb RAM.
> 
> I believe that seawall supports static NAT so will be looking into it.
> 
> Anyone know if seawall protects against "loose address source routing"?
> I know this isn't going to be a Cisco Pix but I'd like to get it
> reasonably secure. 
> 
> regards,
> 
> Chris
> 
> On Mon, 2003-09-08 at 20:42, Chris Caston wrote:
> > Hello,
> > 
> > I have a Power Mac 7220 that I have recently used to install PPC Debian
> > 3.0r1 
> > 
> > For some reason I could only boot the install from BootX (under Mac OS
> > 8.5) using kernel ver 2.2. Trying to boot the install using 2.4 would
> > freeze the system.
> > 
> > Now that I have the system installed nicely I am reviewing my options
> > for firewallage.
> > 
> > I took a look over at shorewall 
> > 
> > (http://www.shorewall.net/)
> > 
> > and it seems that as netfilter is built into the 2.4 kernel if I wish to
> > remain with 2.2 I should use the Seattle Firewall or Seawall (interface
> > to IPchains) (http://seawall.sourceforge.net/)
> > 
> > I am very much a newbie to firewalls so will be learning in this
> > experience.
> > 
> > I plan to use slap my Billion BI-PAC 711CE ADSL modem in bridged mode.
> > The Mac has two Digital 10/100 nics. One will be plugged into the ADSL
> > modem the other into my Xnet 8 port switch.
> > 
> > I will also be using the PPC machine for NAT/DHCP (of course) and I may
> > also install apache at a later date.
> >  
> > What do you think it the best option for a firewall?
> > 
> > Should I use the Seattle Firewall (seawall) or update the 2.4 (can this
> > be done on this machine?) and use netfilter? Or suggest a better option.
> > (: 
> > 
> > regards,



More information about the plug mailing list