RESEARCHUT -- Minds With Innovations

NetworkManager Firewall in Debian

Wednesday 30 May 2007 at 5:09 pm.

Currently, there's no simple framework in NetworkManager for firewalling support.

Here's one way you can provide a simple and minimal firewall setup for your box controlled by NM.

Create the following files:

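rrs@learner:~$ cat /etc/network/if-up.d/firewall
#!/bin/bash
# Drop inbound packets in state NEW or INVALID on the interface that just came up.
# The file must be executable, or the hook directory runner will skip it.

if [ "$IFACE" = "lo" ]; then
    # Leave loopback traffic alone.
    :
else
    /sbin/iptables -A INPUT -i "$IFACE" -m state --state NEW,INVALID -j DROP
fi
rrs@learner:~$ cat /etc/network/if-down.d/firewall
#!/bin/bash
# Remove the rule added by if-up.d/firewall when the interface goes down.

if [ "$IFACE" = "lo" ]; then
    # Nothing was added for loopback, so there is nothing to remove.
    :
else
    /sbin/iptables -D INPUT -i "$IFACE" -m state --state NEW,INVALID -j DROP
fi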

With these scripts in place you'll have a basic firewall where all requests initiated from outside will be dropped. NM will make sure the scripts are executed on a per-active-interface basis.
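An added example, not part of the original post: a single hook that can be installed in both directories and stays consistent when an interface comes up twice without a down event in between (a plain -A would stack duplicate rules, and a single -D would leave copies behind). It assumes the hook environment provides IFACE and MODE (start or stop) and that iptables supports -C; IPT, fw_up and fw_down are names chosen for this example.

```shell
#!/bin/sh
# Added example: idempotent variant of the if-up.d / if-down.d firewall hooks.
# Assumptions: IFACE and MODE (start|stop) are exported to the hook, and
# iptables supports -C (rule check). IPT can be overridden so the logic can
# be exercised without root.
IPT="${IPT:-/sbin/iptables}"

# Add the DROP rule for interface $1 unless an identical rule already exists.
fw_up() {
    # Skip loopback and an empty interface name.
    [ -n "$1" ] && [ "$1" != "lo" ] || return 0
    "$IPT" -C INPUT -i "$1" -m state --state NEW,INVALID -j DROP 2>/dev/null ||
        "$IPT" -A INPUT -i "$1" -m state --state NEW,INVALID -j DROP
}

# Remove every copy of the rule for interface $1.
# -D deletes one matching rule per call, so loop until -C finds none.
fw_down() {
    [ -n "$1" ] && [ "$1" != "lo" ] || return 0
    while "$IPT" -C INPUT -i "$1" -m state --state NEW,INVALID -j DROP 2>/dev/null; do
        "$IPT" -D INPUT -i "$1" -m state --state NEW,INVALID -j DROP || return 1
    done
}

# Dispatch on MODE; do nothing when the script is not run as a hook.
case "${MODE:-}" in
    start) fw_up "${IFACE:-}" ;;
    stop)  fw_down "${IFACE:-}" ;;
esac
```

After a few up/down cycles, `iptables -S INPUT` should show at most one such rule per active interface.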

I've also filed a wishlist suggesting that the packagers add something like this to the Debian package.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426683
