Shorewall users - Nov 2003 - Enable Kernel to Iptables - Shorewall

Hi,

I have a little server for hosting use ( apache 2, php, mysql, ssl, ftp etc ) on
Debian Woody Linux with kernel 2.4.22.

I''d like to enable the kernel for shorewall - iptables filter.

I see the example on www.shorewall.de/kernel but there are many option enabled
that I think I don''t need, for example the gateway, routing and nat etc
( I need the single interfaces configuration )

Somebody can tell me what are the only tings that I need to enable for a hosting
server ?

Many Thanks

On Wednesday 19 November 2003 06:49 am, Salvatore wrote:
( I need the single interfaces configuration )
>
> Somebody can tell me what are the only tings that I need to enable for a
> hosting server ?
The best way to do it is go to the QuickStart Guides at www.shorewall.net and 
follow the instructions for single interface.  Take it step by step and dont 
try to get fancy.  When you get to the bottom of the guide you will have 
Shorewall working. Look at the FAQs if you get confused.

Whatever you do, dont start deleting or modifying things until you have read 
the Guide for your setup.

Good luck,
Richard

Hello,

I took a look at http://www.shorewall.net/kernel.htm.

If you are going to bother with compiling a kernel, I do not see any reason not
to enable all of the suggested kernel config. Do you have a particular reason to
avoid some of these kernel config options? In terms of space/performance, I
cannot imagine that the difference between having all of these options enabled
vs having just the bare minimum needed for your particular firewalling scenario
is significant in anyway (maybe someone could comment here) unless possibly you
are moving a LOT of packets.
>From what info you provided below (nothing) it is hard to guess what you
need
anyways.

I would start with the suggested kernel config options, set up your firewall,
then after you gain familiarity and understanding, go ahead and start removing
options from newer kernel compilations, if you really feel the need. If you do
this, and you find you need to use some more firewall functionality, then of
course you will most likely have to recompile your kernel again. I hope you have
a lot of time...

-Alex
http://www.rettc.com

----- Original Message ----- 
From: "Salvatore" <ilcorvo@pizzairc.it>
To: <shorewall-users@lists.shorewall.net>
Sent: Wednesday, November 19, 2003 5:49 AM
Subject: [Shorewall-users] Enable Kernel to Iptables - Shorewall


Hi,

I have a little server for hosting use ( apache 2, php, mysql, ssl, ftp etc ) on
Debian Woody Linux with kernel 2.4.22.

I''d like to enable the kernel for shorewall - iptables filter.

I see the example on www.shorewall.de/kernel but there are many option enabled
that I think I don''t need, for example the gateway, routing and nat etc
( I need
the single interfaces configuration )

Somebody can tell me what are the only tings that I need to enable for a hosting
server ?

Many Thanks
_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users@lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm