[OT gentoo] Kernel settings for iptables

All of lore.kernel.org
 help / color / mirror / Atom feed

From: reader@newsguy.com
To: netfilter@vger.kernel.org
Subject: [OT gentoo] Kernel settings for iptables
Date: Thu, 27 Dec 2007 18:01:43 -0600	[thread overview]
Message-ID: <87wsqzit5k.fsf@newsguy.com> (raw)

I'm hoping someone can steer me toward some specific documentation
about setting up kernel options for maximum flexibility with iptables.

Googling I see piles of discussions about that but I've been unable to
pull out a clear idea of what needs to be set.

Going thru the make menuconfig dialog there seems to be quite a herd
of Netfilter related settings.  So many as to make it really confusing
what does what and which are important.

My general aim is to setup a small somewhat hardened Gentoo Linux OS
that will receive rejected traffic from an upstream Netgear
router/firewall. 

It will NOT be routing traffic to the lan so not a true DMZ but the
netgear has an option to send rejected traffic to what they call a
`DMZ'.  

So this machines' job is to reject and log analyze sift etc etc.

I want to study the traffic... not create a honey pot.. just have a
good look at what is coming at me.

                 reply	other threads:[~2007-12-28  0:01 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87wsqzit5k.fsf@newsguy.com \
    --to=reader@newsguy.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.