[NBLUG/talk] denying specific hosts via bastille-based firewall?

augie schwer at sonic.net
Mon Apr 21 13:44:01 PDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel Smith wrote:
> I just don't want to break the Bastille config in the
> process of doing so. (in other words, I don't want
> to do something stupid, and have to drive all the
> way to Santa Rosa to get back into my machine)
> Debian:
> Linux bucky 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown

it has been a while since i used bastille so i'm not sure if you can
specify specific hosts to deny in their config file. but if you have to
mess around directly with the script the config creates i believe there
is a user section where they allow you to write whatever you want.

i think their firewall script resides in /etc/init.d/firewall

frank's firewall page may help you decipher the code, or even better
yet, get you on the road to writing your own firewall:

http://nblug.org/firewall/

speaking of which another "frank's firewall talk" would be pretty neat
to see again... :)

augie.


- --
irc.nblug.org #nblug
registered linux user #229905
gpg public key: http://www.sonic.net/schwer/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE  2AC3 CB99 2784 27B0 C072

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+pFh6y5knhCewwHIRAlbGAKCRrwHOKOfFzQO7P8PpCZs5qD2REACfc/xo
Py/t412TbJRJ9tyMctvSrJA=
=rXF+
-----END PGP SIGNATURE-----




More information about the talk mailing list