Securing-Optimizing-RH-Linux-1_2_131
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®

If you don't want some of the services that I turn ON by default in the firewall rules files for the Gateway Server, comment them out with a "#" at the beginning of the line. If you want some of the services that I commented out with a "#", remove the "#" at the beginning of their lines.

If you have configured Masquerading on your server, uncomment the modules needed to masquerade the services you need, such as ip_masq_irc.o, ip_masq_raudio.o, etc.

Create the firewall script file (touch /etc/rc.d/init.d/firewall) on your Gateway Server and add:

#!/bin/sh
#
# ----------------------------------------------------------------------------
# Last modified by Gerhard Mourani:  02-01-2000
# ----------------------------------------------------------------------------
# Copyright (C) 1997, 1998, 1999  Robert L. Ziegler
#
# Permission to use, copy, modify, and distribute this software and its
# documentation for educational, research, private and non-profit purposes,
# without fee, and without a written agreement is hereby granted.
# This software is provided as an example and basis for individual firewall
# development.  This software is provided without warranty.
#
# Any material furnished by Robert L. Ziegler is furnished on an
# "as is" basis.  He makes no warranties of any kind, either expressed
# or implied as to any matter including, but not limited to, warranty
# of fitness for a particular purpose, exclusivity or results obtained
# from use of the material.
# ----------------------------------------------------------------------------
#
# Invoked from /etc/rc.d/init.d/firewall.
# chkconfig: - 60 95
# description: Starts and stops the IPCHAINS Firewall \
#              used to provide Firewall network services.

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
if [ "${NETWORKING}" = "no" ]
then
        exit 0
fi

[ -f /sbin/ipchains ] || exit 0

# See how we were called.
case "$1" in
  start)
        echo -n "Starting Firewalling Services: "

# Some definitions for easy maintenance.

# ----------------------------------------------------------------------------
#  EDIT THESE TO SUIT YOUR SYSTEM AND ISP.

EXTERNAL_INTERFACE="eth0"                 # whichever you use
LOCAL_INTERFACE_1="eth1"                  # whichever you use
LOOPBACK_INTERFACE="lo"