[ubuntu-hardened] Firewall script
John Richard Moser
nigelenki at comcast.net
Thu Nov 29 02:09:46 GMT 2007
I wrote a small iptables firewall script that just stores and restores
iptables settings on boot. Attached to bug 151653, it requires explicit
saving of the rule set. Nothing fancy.
When writing up a server, the administrator may want to have something
like Tomcat served through Apache plus PHP-based pages plus egress
filtering (to prevent network hopping once you're inside a server, if
you don't have root access) plus a local mail server (in case a silly
Web application decides it wants to connect to a real SMTP server
instead of using sendmail() locally). With about 50 ports open you may
decide to actually only serve the 2 you need to the network and block
the other 30. ;)
--
Bring back the Firefox plushy!
http://digg.com/linux_unix/Is_the_Firefox_plush_gone_for_good
https://bugzilla.mozilla.org/show_bug.cgi?id=322367
More information about the ubuntu-hardened
mailing list