[H-GEN] iptables talk > coverage wanted.

Snowy Angelique Maslov aka 'Snowpony' snowy at snowy.org
Sun Jul 28 07:27:17 EDT 2002 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On Sun, 28 Jul 2002, Nikolai Lusan wrote:

> Just to knock a few things on the head right now, the talk I plan on
> giving is on the basics of IP Filtering and IPTABLES. I will not be
> giving people complete firewalls or any other stuff, I will be talking
> about the concepts and methods involved in filtering and things to watch
> out for. This is not a tutorial more of a lecture, and it is on the
> _basic_ concepts not the ultimate internals. Things that will be
> discussed are:
> 	Things a filter can do (NAT, MASQ, port forward ... etc.).
> 	Things to look for in designing a filter.
> 	How the linux IP Filter works.
> 	Similarities between ipchains and iptables.
>
> If you want something more advanced or a tutorial with solutions handed
> to you on a plate then this is not for you. However if you want to be
> able to walk away with enough of an understanding to build your own
> filtering solution you are probably going to be interested.
>
> On a more general note I am a little dissapointed in the attitudes of
> some members of this list, this club is supposed to be about sharing
> knowledge and furthering your skills. People continue to ask for
> solutions handed to them on a plate rather than trying to gather the
> knowledge to do things for themselves, this does nothing for you if your
> situation changes and you need to alter a solution.

Look I'm quite happy to cover any subject you don't do on a more specific
level.  A lot of people are just coming to terms with the new
net-filter/iptables code and I think it would be advantageous to explain the
differences between ipchains and iptables and where they both currently stand
so people can have an informed decision on what their firewalls can do.

I assume there are a lot of us running windows boxes behind Unix firewalls
(for everything from game-play through to graphical front-ends and specific
application support) and the kinds of questions most of them ask are going to
be along the lines of:  So what can firewalls the likes of ipchains/iptables
support via NAT/SNAT/IP-Masquerading?  What applications can I use?  What are
the common problems?  What modules are required etc etc etc...

Of course these sorts of questions should only be asked *AFTER* you get a
basic understand of IP filtering and firewalls.  So what you are planning on
doing is invaluable.  And since Linux is so prolific in HUMBUG - centering on
the latest technology (NETFILTER/IPTABLES) is a very good idea.

Don't berate the curiosity of people out there; they are only expressing
things they would find interesting (like myself).  There will be others who
will come along and help fill the gaps/increase the knowledge base.

-- 
Snowy Angelique Maslov aka Snowpony   My [ www.vulpine.pp.se/cgi-bin/furcode ]
 |\=  http://www.snowy.org/          Art FEHuw3acdm A+ C- Dm++ H+++ M++++ P+++
- - = http://www.furryfaire.org/    Life R++ T+++ W- Z++ Sf# RLCT/M a cbu++++$
'-    http://www.anthrocon.org/   Dreams d- e+ f+++ h+ iwf+++$ j+ p* f#
[----------------------------------------------------------------------------]
[              UNSOLICITED COMMERCIAL EMAIL MESSAGE NOTICE                   ]
[ A reading fee of $25.00US will be charged for any commercial email sent to ]
[ this email account without prior consent given for such material.          ]
[----------------------------------------------------------------------------]


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list