more stupid network questions
David A. Bandel
david
Mon May 17 12:01:18 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 11 Apr 2004 20:36:48 -0700
Tony Alfrey <tonyalfrey at earthlink.net> wrote:
> Hi list:
>
> Please bear with me because I'm gonna have a pile of really DUMB
> network questions now that I have this warp speed connection. You are
> all gonna be ROTFLYAO.
>
> Is there a way to turn the f*$(%& network card off other than
> unplugging the RJ-45 cable? So that I'm not hooked up to the entire
> world when I don't want to be, at least until I learn about this
> stuff.
>
Better, good firewall rules:
assuming eth0 is your connection to the world:
iptables -A INPUT -m state -i eth0 --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state -i eth0 --state NEW,INVALID -j DROP
iptables -A INPUT -m state -i ! eth0 --state NEW,RELATED,ESTABLISHED -j
ACCEPT
(line wrap at no extra charge -- do not wrap them on your system, those
are 3 lines above, not 4)
If you're using your system for forwarding to your wife's machine, add
two like the first two but to the FORWARDING table.
The above will allow you to go out, but no one to come in.
Ciao,
David A. Bandel
- --
Focus on the dream, not the competition.
Nemesis Racing Team motto
GPG key autoresponder: mailto:david_key at pananix.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAenTjj31PLQNUbV4RAuJ2AJ9vo+DiW3W0t99dzo3+5x3F2IU1EwCgp79Z
RJuqGUs9zuvD1DXWVkophZs=
=d8aG
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list