I don't know enough to explain much:
Now I just need to figure out how to write some basic iptables rules for each of the interfaces (wlan0, eth0) and set up NAT.
like give some examples,..don't really understand how it all works , to me it seems complicated.
Here is a option,
http://easyfwgen.morizot.net/gen/
It is a simple, script that does everything for you, you first fill out some info, on the website, that is needed to generate the script, for your system , IP , etc. It is pretty self explanatory. After you fill in the blanks and the script is generated, you then download it
3. To have it applied at startup, copy this script to
# /etc/init.d/iptables. It accepts stop, start, save, and restore
# arguments. (You may wish to save the existing one first.)
# Alternatively, if you issue the 'service iptables save' command
# the init.d script should save the rules and reload them at runtime.
Be sure to set the permissions as executable. After you copy it to
, unless you have all ready set up some sort of "iptables" there will not be a file named iptables yet, once you copy it to /etc/init it will be there.
Then
will start it.To stop it,
This is what it will look like, if everything goes smoothly,..
Code: Select all
root@debian:/etc/init# ./iptables start
Loading kernel modules ...
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.log_martians = 1
Flushing Tables ...
Create and populate custom rule chains ...
Process INPUT chain ...
Process FORWARD chain ...
Process OUTPUT chain ...
Load rules for nat table ...
Load rules for mangle table ...
When you stop it:
Code: Select all
root@debian:/etc/init# ./iptables stop
Loading kernel modules ...
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.log_martians = 1
Flushing Tables ...
Firewall completely flushed! Now running with no firewall.
root@debian:/etc/init#
This will list the chains, and rules, so you can check and see what the rules look like, for your system,..probably you don't have any yet, after you run the script you will.
The first time I tried it, I had entered some info relate to the "wlan0" settings, and was unable to access anything online, I don' remember now, exactly what it was, but running the
cleared it, and everything was back to normal, later when I worked out what the wlan0 needed to be,
The script is intended for servers but just fine for "home systems" to, but really, if you are not running any kind of server at home, besides a localhost, you probably do not need this.
There is a thread here:
http://www.stopforumspam.com/forum/view ... hp?id=5860 This is in the "registered users" , which means you would have to register to see the thread, but also there is someone that could really explain a whole lot better the me, "Alex Kemp", so it might be worth it to register,
There is more details, but it is in a area not even view able by normal "registered users", only admins, but Alex would be able to answer any questions, and happy too ( I think),
I think also:
Is the fwbuilder package alone sufficient to get started?
I think that should be sufficient, if I remember correctly "fwbuilder" is very similar to the
EFG , ( Easy Fire Wall Generator), but has a little more GUI, and is in the debian repository, in the long run, for debian, that ( "fwbuilder" )probably would be the better choice. Oh, and kind of kidding, but seriously, don't hold me responsible, for anything that goes wrong, in either one of them. EFG worked fine, for me at the time,when I needed a good firewall.,.. right now, I don't really need it.