Learning IPTables
Generally, I’m pretty lax when it comes to Firewalls in Linux, for the simple fact that I use kubuntu/ubuntu, which opens no ports by default. So any open ports on the system, I generally know about.
Anyway, as I’ve recently had a new server setup for Radio Amarok (many thanks to BitFolk for this, who have provided this service for us) and I knew that it would be something that’s going to be in the public eye, I thought that I better get a firewall up and running
So yes, I’ve been learning how to use Iptables correctly, and having to learn more about how TCP/IP works. I knew the basics, but actually sitting down and learning more about it is definitely interesting. Though, I’ve still not much idea on some issues, like why Aaron Krill’s ISP can’t route him to the Radio Amarok server (Andy Smith tried explaining - but I still had no idea what was going on!)
On another note, Radio Amarok is still looking for help. So if you have anything to offer (we’re looking for sponsors, artists, DJs, and web developers/designers (and at some point we’ll be looking for a sysadmin)), so if you have anything to offer us, feel free to pop into IRC (irc.freenode.net #amarok.radio) or email me (mez AT radioamarok DOT com)
Tags: firewall, iptables, Linux, radio amarok
October 14th, 2007 at 9:30 am
A piece of advice - use Shorewall: http://shorewall.net
I was in the same situation as you a few years back, and although IPtables is not hard to learn, a ruleset quickly becomes unmanageable. Shorewall allows you to use normal configuration files and is much easier to set up - but still allows me to use all of IPtables’ strength.
October 14th, 2007 at 11:56 am
Yep. I’m certainly familiar with IP tables, but quite frankly, I can’t be bothered these days. Shorewall makes it much easier, and it’s a whole lot more logical to be able to say “I want to give this network access to this network” in a config file.