Bug 15601 - Link to file, but file missing (404) in Gentoo Security Guide
Alias: None
Product: [OLD] Docs-user
Classification: Unclassified
Component: Gentoo Security Guide
Hardware: All Linux
Importance: High normal
Assignee: Sven Vermeulen (RETIRED)
Depends on:
Reported: 2003-02-12 17:51 UTC by Vince Verleye
Modified: 2003-08-28 10:14 UTC
Description Vince Verleye 2003-02-12 17:51:10 UTC
Guide is referring to firewall.gz which should be located at

Please correct or upload the file.


Reproducible: Didn't try
Steps to Reproduce:
Comment 1 Jungmin Seo (RETIRED) gentoo-dev 2003-02-15 00:35:03 UTC
Please specify which line or which section. I couldn't find it.
Comment 2 John Davis (zhen) (RETIRED) gentoo-dev 2003-02-15 11:17:37 UTC
Just search for it in the doc (security-howto). I know that we had this on the old site, and it probably just needs to be moved in CVS.
Comment 3 Jungmin Seo (RETIRED) gentoo-dev 2003-02-17 16:39:53 UTC

It is not in CVS any more. I made the firewall.gz file and I am not sure where I could put it in CVS.

It is just a text file, tar gzipped.

Comment 4 Vince Verleye 2003-02-17 20:42:13 UTC
seo: You can find it here, if not found already:

Please also consider checking this line near the end of the script (are you the editor, seo?):
  #Allow client to route through via NAT (Network Address Translation)

I could be wrong since I'm not too familiar with iptables, but in my setup I have to replace $IINTERFACE by $OINTERFACE for it to work correctly. Like this:


Thanks in advance.

Comment 5 Jungmin Seo (RETIRED) gentoo-dev 2003-02-18 21:17:22 UTC
Vince, thanks. I found where the link was broken; could you possibly revise what Vince said?
Comment 6 Kim Nielsen 2003-02-19 01:31:10 UTC

It really depends on what you think is the outside and inside of your network. If $IINTERFACE is the inside of your network (In the example 10.0.0.) this is the one to MASQ. You don't want to MASQ the internet to your local network :)

When I have the time I'm going to rewrite the firewall part with some automatic blocking of ISP from 

Anyway, hope this answers your question.
Comment 7 Vince Verleye 2003-02-19 14:22:57 UTC
I'm looking forward to your rewriting of the firewall.

Sure, it makes sense somehow, but like I said, I'm not too familiar with iptables. 
I thought -o is --out-interface so naturally I'd use $OINTERFACE.
Comment 8 John Davis (zhen) (RETIRED) gentoo-dev 2003-03-30 13:43:33 UTC
what is the status on this bug?
Comment 9 Sven Vermeulen (RETIRED) gentoo-dev 2003-08-28 10:10:12 UTC
Seo doesn't seem active. I'm taking his bugs...
Comment 10 Sven Vermeulen (RETIRED) gentoo-dev 2003-08-28 10:14:10 UTC
This has been fixed previously.