All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Kind of curious:
Date: Sat, 08 Mar 2003 04:07:12 +0000	[thread overview]
Message-ID: <marc-lartc-104709651800579@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104702266224362@msgid-missing>

 : > What exactly do you mean here?  Do you wish to use fwmark as a
 : > selector for traffic control?
 :
 : Not sure if I mean fwmark. However Stef's docs are on my reading
 : list. Basically I will want to simulate different types of firewalls
 : per iprange. Meaning -- the basic firewall config I will allow
 : anything out and only responses into the "network" and on a more evil
 : admin type firewall I would like to block various ports from outbound
 : access.

I think you'll find iptables more than adequate.

For the packet filtering, mangling/marking and NAT (if you need it),
you'll find iptables more than adequate.

For traffic control, you'll use tc, which is part of the iproute2 package.
(Note, that the tc with htb support is currently only available via the
main HTB page, as a patch or binary.)

 : Which would be better ipchains or iptables?

iptables if you have a choice.

For iptables help:

  http://iptables-tutorial.frozentux.net/

Is the best place to start.

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

  parent reply	other threads:[~2003-03-08  4:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-03-07  7:35 [LARTC] Kind of curious: james jones
2003-03-08  2:44 ` Martin A. Brown
2003-03-08  3:28 ` james jones
2003-03-08  4:07 ` Martin A. Brown [this message]
2003-03-08 19:29 ` Stef Coene

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-104709651800579@msgid-missing \
    --to=mabrown-lartc@securepipe.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.