Re: Help with Linux Basics

From: Kevin Vaughn (kevin.vaughn_at_ttu.edu)
Date: 12/31/03


Date: Wed, 31 Dec 2003 16:52:47 -0600


> netfilter config is stored in /etc/sysconfig/iptables
> It is usually reloaded automatically on reboot.

So if I understand correctly, I make the changes in /etc/sysconfig/iptables
and save the file. Then each time the system is booted, iptables loads from
the /etc/sysconfig/iptables file. This is definitely part of what I was
looking for. Thank you for your help, Allen.

The other part I'm concerned about has to do with this article that I'm
reading. I want to make sure to get all the steps before I go on so
everything is set up correctly the first time. I've included an excerpt
below that shows what I'm talking about. There are quite a few CONFIG_ABC
lines listed in this article. So do I need to reinstall iptables to
configure the software just like the author intended, or can I simply change
the settings?

Thanks for the help!

-Kevin

---------------
2.2. Kernel setup
To run the pure basics of iptables you need to configure the following
options into the kernel while doing make config or one of its related
commands:

CONFIG_PACKET - This option allows applications and utilities that need to
work directly with various network devices. Examples of such utilities are
tcpdump or snort.

     CONFIG_PACKET is strictly speaking not needed for iptables to work, but
since it contains so many uses, I have chosen to include it here. If you do
not want it, don't include it.

CONFIG_NETFILTER - This option is required if you're going to use your
computer as a firewall or gateway to the Internet. In other words, this is
most definitely required for anything in this tutorial to work at all. I
assume you will want this, since you are reading this.

And of course you need to add the proper drivers for your interfaces to work
properly, i.e. Ethernet adapter, PPP and SLIP interfaces. The above will
only add some of the pure basics in iptables. You won't be able to do
anything productive to be honest, it just adds the framework to the kernel.
If you want to use the more advanced options in iptables, you need to set up
the proper configuration options in your kernel. Here we will show you the
options available in a basic 2.4.9 kernel and a brief explanation:

CONFIG_IP_NF_CONNTRACK - This module is needed to make connection tracking.
Connection tracking is used by, among other things, NAT and Masquerading. If
you need to firewall machines on a LAN you most definitely should mark this
option. For example, this module is required by the rc.firewall.txt script
to work.

---------------
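
Added example, not part of the original post or of the quoted tutorial: the CONFIG_* names in the excerpt are options chosen when the kernel is built, so one way to see whether a kernel already has them is to read its saved build config. The `/boot/config-$(uname -r)` path is an assumption (many distributions install it there), the function names are hypothetical, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: report the kernel build options named in the excerpt.

# Constructed sample in kernel .config format (not from a real system).
sample_config() {
    cat <<'EOF'
CONFIG_PACKET=y
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
CONFIG_IP_NF_CONNTRACK=m
EOF
}

# kopt_state FILE OPTION -> prints "built-in", "module" or "not set".
# Disabled options appear as "# CONFIG_X is not set" and never match.
kopt_state() {
    line=$(grep "^$2=" "$1" | tail -n 1)
    case "${line#*=}" in
        y) echo "built-in" ;;
        m) echo "module" ;;
        *) echo "not set" ;;
    esac
}

# Print the state of each option from the excerpt; succeed only if
# CONFIG_NETFILTER, which the excerpt calls required, is enabled.
check_iptables_kopts() {
    for opt in CONFIG_PACKET CONFIG_NETFILTER CONFIG_IP_NF_CONNTRACK; do
        printf '%-24s %s\n' "$opt" "$(kopt_state "$1" "$opt")"
    done
    [ "$(kopt_state "$1" CONFIG_NETFILTER)" != "not set" ]
}

# Use the running kernel's saved config if one is installed (assumed
# path); otherwise fall back to the constructed sample above.
cfg="/boot/config-$(uname -r)"
if [ ! -r "$cfg" ]; then
    cfg=$(mktemp)
    sample_config > "$cfg"
fi
check_iptables_kopts "$cfg" || echo "CONFIG_NETFILTER is not enabled in $cfg"
```

An option reported as "module" is available but only takes effect once the corresponding module is loaded.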



