Guide is refering to firewall.gz which should be located at
Please correct or upload the file.
Reproducible: Didn't try
Steps to Reproduce:
plz specify which line or which section. i couldn't find it
just search for it in the doc (security-howto). I know that we had this on the old site, and it prolly just needs moved in cvs.
it is not in cvs any more. i made the firewall.gz file and i am not sure where i could put in in cvs..
it is just a text file tar gziped.
seo: You can find it here, if not found already:
Please also consider checking this line near the end of the script (are you the editor, seo?):
#Allow client to route through via NAT (Network Address Translation)
$IPTABLES -t nat -A POSTROUTING -o $IINTERFACE -j MASQUERADE
I could be wrong since I'm not too familiar with iptables, but in my setup I have to replace $IINTERFACE by $OINTERFACE for it to work correctly. Like this:
$IPTABLES -t nat -A POSTROUTING -o $OINTERFACE -j MASQUERADE
Thanks in advance.
vince thanks.. i found where the link was broken
email@example.com ; could you possibly revise what vince said?
It really depends on what you think is the outside and inside of your network. If $IINTERFACE is the inside of your network (In the example 10.0.0.) this is the one to MASQ. You don't want to MASQ the internet to your local network :)
When I have the time I'm going to rewrite the firewall part with some automatic blocking of ISP from http://isc.incidents.org/
Anyway hopes this answars your question.
I'm looking forward to your rewriting of the firewall.
Sure, it makes sense somehow, but like I said, I'm not too familiar with iptables.
I thought -o is --out-interface so naturally I'd use $OINTERFACE.
what is the status on this bug?
Seo doesn't seem active. I'm taking his bugs...
This has been fixed previously.