I have installed latest Shorewall 1.46b on my Debian Woody ( debian-kernel 2.4.21 + iptables 1.28 ) I have an Ethernet ADSL Modem that connect using " PPTP " My ADSL line has dynamic IP. The modem is on eth0 The modem ip is: 192.168.1.1 eth0 ip is: 192.168.1.2 I''d like to make that pc as gateway for my local network of 7 pc too. The second NIC card eth1 has ip 192.168.2.1 Somebody can help me suggesting a good configuration for shorewall configs ( params, zones, interfaces etc.. ) ? And after are there some option to prevent DDOS attaks ? And something to lock the remote port scanners ? I don''t want to let other people see my open ports and try to hack it. Thanks a lot to everybody can help me
On Thu, 2003-08-07 at 15:21, Salvatore wrote:> I have installed latest Shorewall 1.46b on my Debian Woody ( debian-kernel > 2.4.21 + iptables 1.28 ) > > > > I have an Ethernet ADSL Modem that connect using " PPTP " > > > > My ADSL line has dynamic IP. > > > > The modem is on eth0 > > The modem ip is: 192.168.1.1 > > eth0 ip is: 192.168.1.2 > > > > I''d like to make that pc as gateway for my local network of 7 pc too. > > > > The second NIC card eth1 has ip 192.168.2.1 > > > > Somebody can help me suggesting a good configuration for shorewall configs ( > params, zones, interfaces etc.. ) ? > > > > And after are there some option to prevent DDOS attaks ? > > And something to lock the remote port scanners ? I don''t want to let other > people see my open ports and try to hack it. > > >1) Go to the Shorewall Web site. 2) Under the heading "Getting Started with Shorewall" is a link 3) Follow it AND READ!!!!! -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Thu, 2003-08-07 at 15:21, Salvatore wrote:> I have an Ethernet ADSL Modem that connect using " PPTP "One thing that the two-interface HOWTO that I referred you to doesn''t deal with is PPTP-based ADSL (assuming that you really mean PPTP as opposed to PPPoE -- to this point, I''ve only encountered PPTP modem in Austria). If you really are using PPTP to talk to your modem, then I recommend the following additions to the two-interface sample: /etc/shorewall/zones: modem Modem The ADSL Modem /etc/shorewall/interfaces: modem eth0 192.168.1.255 /etc/shorewall/tunnels: pptpclient modem 192.168.1.1 -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Thu, 7 Aug 2003, Tom Eastep wrote:> On Thu, 2003-08-07 at 15:21, Salvatore wrote: > > One thing that the two-interface HOWTO that I referred you to doesn''t > deal with is PPTP-based ADSL (assuming that you really mean PPTP as > opposed to PPPoE -- to this point, I''ve only encountered PPTP modem in > Austria). > > If you really are using PPTP to talk to your modem, then I recommend the > following additions to the two-interface sample: >I''ve added these instructions to the PPTP page (http://shorewall.net/PPTP.htm) with links from the QuickStart Guides. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net