+ 6 - 5 | § ¶NetworkManager Firewall
Currently, there's no simple framework in NetworkManager for Firewalling support.
Here's one way you can provide a simple and minimal firewall setup for your box controlled by NM.
Create the following files:
rrs@learner:~$ cat /etc/network/if-up.d/firewall
#!/bin/bash
if [ $IFACE == "lo" ]; then
echo;
else
/sbin/iptables -A INPUT -i $IFACE -m state --state NEW,INVALID -j DROP;
fi
rrs@learner:~$ cat /etc/network/if-down.d/firewall
#!/bin/bash
if [ $IFACE == "lo" ]; then
echo;
else
/sbin/iptables -D INPUT -i $IFACE -m state --state NEW,INVALID -j DROP;
fi
With these scripts in place you'll have a basic firewall where no requests initiated from outside will be dropped. NM will make sure to execute the script on the active interface basis.
I've also filed a wishlist suggesting the packagers to add something like this into the Debian package.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426683
Keywords: debian,firewall,iptables,networkmanager
+ 3 - 9 | § ¶NetworkManager Debian Network Interfaces
So many of you might be aware of NetworkManager. The big new tool from RedHat does simplify Network Configuration on your Linux box.
But there lies a small problem with NetworkManager. It is very picky about what it is going to touch and what not.
(more)Keywords: debian,networkconfiguration,networkmanager