howto: firewall for ppp interface only and accept all eth-traffic
Daniel Hedlund
daniel at digitree.org
Mon Dec 8 04:13:50 UTC 2003
On Mon, 2003-12-08 at 15:06, A.J. Bonnema wrote:
> Hi guys,
>
> I read your advice on using firewall tools, so I started using
> firestarter. Now I have the following problem. My network has two
> internet connections I might use:
>
> 1. eth1 = internal traffic + traffic from the internet through a
> physical router/firewall
>
> 2. A connection through my telephone line which I will use if the ADSL
> connection is down.
>
> So what I need is for all traffic from the eth1-card to be accepted and
> all traffic from the telephone line to be scrutinized by the firewall.

If you want to allow all traffic from eth1 card to be accepted then you
don't want a firewall at all, except when you're using the telephone
line/modem. If this is the case then set up your firewall in
firestarter to be very restrictive (only applying to the modem dial-up
connection) and on the second page of the wizard, choose "ppp0" (or
similar) and tick 'Start the firewall on dial-out'. Go through the rest
of the wizard relating to ppp0 (blocking just about everything).

Cheers,
Daniel

> Using firestarter, does anyone know how to do this?
>
> Guus.
--
Daniel Hedlund
daniel at digitree.org
CEO & Chief Consultant
DigiTree Studios Pty Ltd.
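
The policy discussed in this thread, written as a raw iptables ruleset (an added example, not part of the original message and not the rules firestarter itself generates). It assumes the interface names `eth1` and `ppp0` from the thread and that the host does not forward packets; the function name `gen_rules` is hypothetical.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that accepts everything
# arriving on the trusted LAN interface and only reply traffic on the
# dial-up interface. Nothing is applied; the rules are printed so they can
# be reviewed first and then loaded with: gen_rules eth1 ppp0 | iptables-restore
gen_rules() {
    trusted_if="$1"   # LAN side behind the hardware router, e.g. eth1
    dialup_if="$2"    # modem link, e.g. ppp0 (ppp+ matches any ppp device)

    # Reject empty or odd names so nothing unexpected lands in a rule line.
    for name in "$trusted_if" "$dialup_if"; do
        case "$name" in
            ""|*[!A-Za-z0-9_.+-]*)
                echo "gen_rules: invalid interface name: '$name'" >&2
                return 1 ;;
        esac
    done

    # The same name on both sides would make the dial-up rules unreachable.
    if [ "$trusted_if" = "$dialup_if" ]; then
        echo "gen_rules: trusted and dial-up interface must differ" >&2
        return 1
    fi

    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $trusted_if -j ACCEPT
-A INPUT -i $dialup_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $dialup_if -j DROP
COMMIT
EOF
}

# Print the ruleset for the interfaces named in the thread.
gen_rules eth1 ppp0
```

Because the INPUT policy is DROP, any interface not named here is also blocked by default; only loopback and the trusted interface are open.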