Looking for an editable script

Looking for an editable script

[Madison Kelly]

Hi all,

   I am trying to build a script to serve my office network. To date I 
have used Monmotha's Firewall script but I need more than it provides. I 
have been trying to hack his excellent script to fit my needs but a 
programmer I am not! :)

   I need something I can work into doing the following;

- Allow limited TCP/UDP ports into the firewall/router (easy enough)
- Allow limited TCP/UDP ports into LAN clients (common list for all LAN 
clients)
- NAT clients that will be public and for each client allow a specific 
list of inbound TCP/UDP ports and where the clients will, internally, 
have their own subnet seperate from the LAN clients.

   I am not asking anyone to do my work, but a head start would be 
greatly appreciated! In the meantime, back to trying to bang Monmotha's 
script to suite (please save me!) ;)

Madison

Re: Looking for an editable script

[Nick Pasich]

 Madison,

 You might want to try Arno's iptables firewall.

 It has a lot of features and can be tweaked to fit your needs.

 Arno's iptables firewall - Single- & multi-homed firewall script with DSL/ADSL
 s(C) Copyright 2001-2003 by Arno van Amersfoort
 Homepage                   : http://rocky.molphys.leidenuniv.nl/
 Freshmeat homepage         : http://freshmeat.net/projects/iptables-firewall/?topic_id=151


                   ---( Nick Pasich )---


> Date: Thu, 29 Jan 2004 12:02:03 -0500
> From: Madison Kelly <linux@alteeve.com>
> To: netfilter@lists.netfilter.org
> Subject: Looking for an editable script
> 
> Hi all,
> 
>    I am trying to build a script to serve my office network. To date I 
> have used Monmotha's Firewall script but I need more than it provides. I 
> have been trying to hack his excellent script to fit my needs but a 
> programmer I am not! :)
> 
>    I need something I can work into doing the following;
> 
> - Allow limited TCP/UDP ports into the firewall/router (easy enough)
> - Allow limited TCP/UDP ports into LAN clients (common list for all LAN 
> clients)
> - NAT clients that will be public and for each client allow a specific 
> list of inbound TCP/UDP ports and where the clients will, internally, 
> have their own subnet seperate from the LAN clients.
> 
>    I am not asking anyone to do my work, but a head start would be 
> greatly appreciated! In the meantime, back to trying to bang Monmotha's 
> script to suite (please save me!) ;)
> 
> Madison

Re: Looking for an editable script

[Tom Eastep]

On Thu, 29 Jan 2004, Madison Kelly wrote:

> Hi all,
>
>    I am trying to build a script to serve my office network. To date I
> have used Monmotha's Firewall script but I need more than it provides. I
> have been trying to hack his excellent script to fit my needs but a
> programmer I am not! :)
>
>    I need something I can work into doing the following;
>
> - Allow limited TCP/UDP ports into the firewall/router (easy enough)
> - Allow limited TCP/UDP ports into LAN clients (common list for all LAN
> clients)
> - NAT clients that will be public and for each client allow a specific
> list of inbound TCP/UDP ports and where the clients will, internally,
> have their own subnet seperate from the LAN clients.
>
>    I am not asking anyone to do my work, but a head start would be
> greatly appreciated! In the meantime, back to trying to bang Monmotha's
> script to suite (please save me!) ;)
>

Consider checking out Shorewall -- http://www.shorewall.net

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net