[GNUz] Ubuntu, hackfest, SFD1

Steve Holdoway gnuz@inode.co.nz
Sun, 24 Apr 2005 17:06:25 +1200


Richard Tindall wrote:

> Jim Cheetham wrote:
>
>> On Apr 23, 2005, at 1:35 PM, Richard Tindall wrote:
>>
>>> I'll give it a go then, & probably do the desktop as well. Once I 
>>> have time to suss the firewalling (routing) side of things, I'll 
>>> finally be ready to migrate off RedHat 9!
>>
>>
>> The workstation message is pretty simple - don't run any services, 
>> therefore you don't need to bother with a firewall. 
>
>
> Except that.. when trying to be as home-network functional as on 
> Windows (Internet connection sharing) one needs to enable 
> iptables-masquerading. I found a script for this on RedHat, called 
> "firewall-2.4"; have they just misnamed this for confusion, or should 
> I believe them?

No, you don't. If your pc is using a modem to addess the internet, and 
you want to share that connection, then all you need to do is set that 
pc up as a router, which entails  enabling ip forwarding and pointing to 
it as your default gateway - very little else.

Wouldn't recommend it, though... not safe at all. If you are using home 
networking of any kind, then I really do recommend that you implement a 
firewall - I suggest IPCop for 2 reasons... first it's worked impeccably 
since installation at work, and is a pop to manage, and second, the 
in-depth knowledge of the product on this list is impressive to say the 
least.


Steve