I really enjoyed reading this, though very tough to get through as with each rule you propose and reasons behind them I try to think how I have used them in the past.

This is a definite must have reference.

My first thought when reading this is that you should include a disclaimer: this is NOT for the novice!

Maybe it’s just me (cynical as I am), but I can see people flooding you with questions like “I just installed my first copy of Linux for my network firewall, set up my iptables just like you said, but my LAN can’t connect... by the way, why are there no FORWARD rules listed here?”

Just a few questions.

1) Did I miss it? I did not see network protocols (such as SMB, NFS, RPC, etc.) listed here as traffic that should not leave the network. I realize they would be dropped by the default policy (or, as I believe you call them, “Base Firewall Filters”), but logging them specifically could show indications of misconfiguration and/or problems within. Am I off-base here?

2) Did I miss this? I did not see blocking of things like XMAS or NULL packets. Any reason, as they can be used to detect hosts, open/closed ports, etc.?

3) My last question is, well... I don’t know. Why did you put Firewall Management Rules before Fragmentation and Reassembly of IP Datagrams, etc.? I know we ALL do something stupid now and then. Couldn’t this potentially cause problems?

Again, a good read and reference! Thanks!
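As an added example (not part of this comment or of the article it responds to), here is a small Python parser for netfilter LOG output that flags the two things asked about above: internal-only services such as SMB, NFS and RPC being forwarded out of the LAN, and NULL/XMAS TCP flag patterns arriving from outside. The `FW-LOG:` prefix, the port set and the sample log lines are constructed assumptions, not real captures.

```python
import re

# Ports for services the comment says should never leave the LAN (assumed set).
INTERNAL_ONLY_TCP = {139: "SMB", 445: "SMB", 2049: "NFS", 111: "RPC"}
TCP_FLAG_TOKENS = {"URG", "ACK", "PSH", "RST", "SYN", "FIN"}

# Constructed sample lines in the netfilter LOG target's format (not real captures).
SAMPLE_LOG = """\
kernel: FW-LOG: IN=eth1 OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 PROTO=TCP SPT=51234 DPT=445 WINDOW=29200 RES=0x00 SYN URGP=0
kernel: FW-LOG: IN=eth0 OUT= SRC=198.51.100.7 DST=192.168.1.1 LEN=40 PROTO=TCP SPT=4444 DPT=22 WINDOW=1024 RES=0x00 URGP=0
kernel: FW-LOG: IN=eth0 OUT= SRC=198.51.100.7 DST=192.168.1.1 LEN=40 PROTO=TCP SPT=4445 DPT=80 WINDOW=1024 RES=0x00 URG PSH FIN URGP=0
kernel: FW-LOG: IN=eth1 OUT=eth0 SRC=192.168.1.11 DST=203.0.113.9 LEN=60 PROTO=TCP SPT=40000 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
"""

def parse_log_line(line):
    """Turn one LOG line into a dict of KEY=VALUE fields plus the set of TCP flag tokens."""
    fields = dict(re.findall(r"(\w+)=(\S*)", line))
    flags = {tok for tok in line.split() if tok in TCP_FLAG_TOKENS}
    return fields, flags

def classify(line):
    """Return a list of findings for one log line (empty list means nothing notable)."""
    fields, flags = parse_log_line(line)
    findings = []
    if fields.get("PROTO") != "TCP":
        return findings
    dport = int(fields.get("DPT", 0))
    # A non-empty OUT= means the packet was being forwarded; flag internal-only ports.
    if fields.get("OUT") and dport in INTERNAL_ONLY_TCP:
        findings.append(f"{INTERNAL_ONLY_TCP[dport]} leaving via {fields['OUT']} from {fields['SRC']}")
    # NULL scan: no TCP flags at all; XMAS scan: FIN, PSH and URG set together.
    if not flags:
        findings.append(f"NULL packet from {fields['SRC']} to port {dport}")
    elif {"FIN", "PSH", "URG"} <= flags:
        findings.append(f"XMAS packet from {fields['SRC']} to port {dport}")
    return findings

def scan_log(text):
    """Classify every line; returns {line_number: findings} for lines with findings only."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        found = classify(line)
        if found:
            report[n] = found
    return report
```

Running `scan_log(SAMPLE_LOG)` reports lines 1 (SMB forwarded out), 2 (NULL packet) and 3 (XMAS packet) and stays silent on the ordinary HTTPS egress in line 4.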