more stupid network questions

Tony Alfrey tonyalfrey
Mon May 17 12:01:18 PDT 2004 

On Monday 12 April 2004 03:52 am, David A. Bandel wrote:
> On Sun, 11 Apr 2004 20:36:48 -0700
>
> Tony Alfrey <tonyalfrey at earthlink.net> wrote:
> > Hi list:
> >
> > Please bear with me because I'm gonna have a pile of really DUMB
> > network questions now that I have this warp speed connection.  You
> > are all gonna be ROTFLYAO.
> >
> > Is there a way to turn the f*$(%& network card off other than
> > unplugging the RJ-45 cable?  So that I'm not hooked up to the
> > entire world when I don't want to be, at least until I learn about
> > this stuff.
>
> Better, good firewall rules:
>
> assuming eth0 is your connection to the world:
>
> iptables -A INPUT -m state -i eth0 --state RELATED,ESTABLISHED -j
> ACCEPT iptables -A INPUT -m state -i eth0 --state NEW,INVALID -j DROP
> iptables -A INPUT -m state -i ! eth0 --state NEW,RELATED,ESTABLISHED
> -j ACCEPT
> (line wrap at no extra charge -- do not wrap them on your system,
> those are 3 lines above, not 4)
>
> If you're using your system for forwarding to your wife's machine,
> add two like the first two but to the FORWARDING table.
>
> The above will allow you to go out, but no one to come in.
>
> Ciao,
>
> David A. Bandel

Oh, THIS I'll have to study.  I have no idea what this all means.
Let me tell you what we have in place so that you can tell me what is 
relevant.
1.  My GoogleGeek tenant has a Mac and we all have cable and the cable 
modem is in his apt.
2.  He has an Apple AirportExtreme base station connected to the cable 
modem.  It has a 'firewall' inside and he, in essence, is the 
administrator.  He has set up WEP, passwords, dchp, etc on the base 
station with his Mac.  I wish Apple would make a linux driver.
3.  We have another Apple AirportExtreme in our house, set up as a 
bridge.  I connect to the bridge with the LAN port; my wife connects 
with 801.22b
4.  eth0 is a device on my box, but it is a 'node' (I think) on the 
network, and I do not control the network, only my box.  Although I do 
have the password for the base station and could, in principle, command 
the base station if I knew what to say to it.

It sounds like your recommendations apply to the base station, not to 
me???

Thanks, David!


-- 
Tony Alfrey
tonyalfrey at earthlink.net
"I'd rather be sailing"

More information about the Linux-users mailing list