1 |
> > > I have shorewall set up on my router but I haven't set up anything |
2 |
> > > security-wise for my laptop which normally sits behind the router. |
3 |
> > > What should I be setting up on the laptop in preparation for traveling |
4 |
> > > and connecting via a foreign network or even directly to the Internet? |
5 |
> > > I don't run sshd on the laptop. I would think shorewall, but am I |
6 |
> > > forgetting anything? |
7 |
> > |
8 |
> > At the very least I'd do the following with iptables: |
9 |
> > |
10 |
> > iptables -P INPUT DROP |
11 |
> > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
12 |
> > iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT |
13 |
> |
14 |
> This line is only needed if you want to forward packets to another |
15 |
> iface/device (i.e. when your laptop is acting as a router and the input |
16 |
> interface is eth0). |
17 |
|
18 |
Alright I guess I'll just set up shorewall on the laptop with a config |
19 |
similar to the router's. Maybe I'll set up shorewall on the other |
20 |
system in my local network while I'm at it. |
21 |
|
22 |
- Grant |
23 |
-- |
24 |
gentoo-user@g.o mailing list |