Shorewall (Shorewall MAN pages) is an easy-to-deploy firewall for Linux. Below are the steps to set it up on your server. Good references and further reading at this, this and this forum thread.
Install shorewall
apt-get install shorewall shorewall-common
change directory
cd /etc/shorewall
copy example files for one-interface for editing
sudo cp /usr/share/doc/shorewall-common/examples/one-interface/* .
edit rules file
nano rules
add the lines below before the end of the file
ACCEPT net fw tcp 9315
ACCEPT net fw tcp 80
edit shorewall.conf file to make it start on boot
nano /etc/shorewall/shorewall.conf
change the STARTUP_ENABLED line to
STARTUP_ENABLED=Yes
Now edit file /etc/default/shorewall
Look for the “startup” parameter and change it from 0 to 1. The default of 0 is there to prevent startup with the default configuration.
Next, run a check on the configuration
shorewall check
You should see shorewall configuration verified at the end
Last step, start shorewall
invoke-rc.d shorewall start
you should see
Starting "Shorewall firewall": done.
If you want to check logs they are saved at /var/log/shorewall-init.log
You could also output your configuration with iptables -L; I have yet to learn how to read it though.
A lot of people use nmap to scan ports to ensure security.
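A preflight check for the edits above, to run before starting Shorewall: it confirms both startup switches are set and that the rules file accepts each port you list. This is an added example, not part of Shorewall or the original post; the function names accepted_ports and preflight are made up here, and only plain ACCEPT lines like the two shown above are parsed.

```shell
#!/bin/sh
# Added example (not part of Shorewall). Paths are passed in so the check can
# also be run against a copy of the configuration.

# Print every TCP port the rules file accepts from zone "net" to the firewall.
# Only plain "ACCEPT net fw tcp PORT[,PORT...]" lines are parsed; macros and
# port ranges are ignored (assumption made to keep the example small).
accepted_ports() {
    awk '$1 == "ACCEPT" && $2 == "net" && ($3 == "fw" || $3 == "$FW") &&
         $4 == "tcp" { n = split($5, p, ","); for (i = 1; i <= n; i++) print p[i] }' "$1"
}

# preflight <shorewall_dir> <defaults_file> <port>...
# Returns 0 only if both startup switches are set and every port is accepted.
preflight() {
    dir=$1; defaults=$2; shift 2; rc=0
    grep -Eq '^[[:space:]]*STARTUP_ENABLED=[Yy]es[[:space:]]*$' "$dir/shorewall.conf" ||
        { echo "FAIL: STARTUP_ENABLED is not Yes in $dir/shorewall.conf"; rc=1; }
    grep -Eq '^[[:space:]]*startup=1[[:space:]]*$' "$defaults" ||
        { echo "FAIL: startup is not 1 in $defaults"; rc=1; }
    ports=$(accepted_ports "$dir/rules")
    for want in "$@"; do
        echo "$ports" | grep -qx "$want" ||
            { echo "FAIL: no ACCEPT net -> fw rule for tcp/$want"; rc=1; }
    done
    if [ "$rc" -eq 0 ]; then echo "OK: configuration matches the steps above"; fi
    return "$rc"
}

# Example: sh preflight.sh /etc/shorewall /etc/default/shorewall 9315 80
if [ "$#" -ge 2 ]; then preflight "$@"; fi
```

On a remote server, include the port your own SSH session uses in the list, so a missing rule shows up here rather than as a dropped connection.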