[Sheflug] Firewall config - for Ross.

[Barrie Bremner <nospam [at] ecosse.net>]

Sorry,

had to subscribe with my other email address, since I'm at work at the moment.

Ross, the firewall config I sent you is default DENY - but it will allow 
related connections back (you did patch your 2.4.3 kernel to fix the bug with 
that didn't you? If not upgrade to 2.4.4 or patch 2.4.3!).

So, if you are connecting from the box running the firewall to another box, it 
should work.

If you are trying to connect to the firewalled box from outside, it will fail 
- the firewall will drop the connection attempt.

It's already been suggested - using ssh to tunnel the X connection is a much 
easier, and more secure solution, rather than poking holes in the firewall.

If you want to want to drop the firewall for the moment, issue

iptables -P INPUT ACCEPT or
iptables -P FORWARD ACCEPT if your firewall is on a different box to the 
machine you are connecting from.

Once again - try SSH - it's a vastly better solution.

Baz.

--
Barrie J. Bremner         OpenPGP public key ID: 5164F553

TheEnglishman [at] ecosse.net   http://barriebremner.com/

   "Linux? Is that some kind of MacOS?"
      -- BT technical support

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.