Topic: NetSecL Firewall 2.4

Hello,

Since I had a situation where I needed to accept connections from my home-made router, I thought it might be handy to have an extra option in the firewall. The new option in the firewall script is called BEHINDROUTER and accepts connections from the DNS IP, which in most cases is also the same as the gateway IP and the router IP.

This will be included in the upcoming NetSecL 2.4.

Download Link:
http://rsync.netsecl.com/firewall/netse … .4.tar.bz2
Have fun,
Yuriy
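
An added example, not part of the original post and not the NetSecL script: one way a BEHINDROUTER-style option could pick the source IP to accept. It assumes the DNS IP is the first `nameserver` entry and only prints an accept rule when that IP equals the default gateway; the function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added illustration; NOT the NetSecL firewall script. All names are hypothetical.

# Constructed sample inputs (stand-ins for /etc/resolv.conf and `ip route` output).
SAMPLE_RESOLV='# constructed sample
search lan
nameserver 192.168.1.1
nameserver 8.8.8.8'
SAMPLE_ROUTE='default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20'

# First "nameserver" entry in resolv.conf-style text.
first_nameserver() {
    printf '%s\n' "$1" | awk '$1 == "nameserver" { print $2; exit }'
}

# Default gateway from `ip route`-style text.
default_gateway() {
    printf '%s\n' "$1" | awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# Print the accept rule only when the DNS IP really is the router.
# Return 1 if either address is missing, 2 if they differ
# (for example a public resolver, which should not be trusted for inbound traffic).
behindrouter_rule() {
    dns=$(first_nameserver "$1")
    gw=$(default_gateway "$2")
    if [ -z "$dns" ] || [ -z "$gw" ]; then
        echo "skip: could not determine DNS or gateway IP" >&2
        return 1
    fi
    if [ "$dns" != "$gw" ]; then
        echo "skip: DNS $dns is not the gateway $gw" >&2
        return 2
    fi
    # The rule is printed, not applied, so it can be reviewed first.
    echo "iptables -A INPUT -s $dns -j ACCEPT"
}

behindrouter_rule "$SAMPLE_RESOLV" "$SAMPLE_ROUTE"
```
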

Re: NetSecL Firewall 2.4

I'm a newbie here.

I would like to know if this firewall is better than Firestarter?

Is there documentation for configuring this program?

Greetings

Re: NetSecL Firewall 2.4

Whether it's better depends on what you understand by that. The NetSecL firewall is a script, not a GUI application; it stealths all ports and protects against many scans, and has snort if you would like to use it as an IDS. You basically would not have to do anything, just let it run (which also happens by default in NetSecL), unless you need to allow some server application through the firewall or set some IP that the script was unable to fetch. Options are in the script itself: open it in a text editor and say Y or N to turn the available options on or off. If you use the firewall in a distro other than NetSecL it will be /etc/rc.d/rc.firewall, and by default in NetSecL this would be /etc/rc.d/rc.standart

Re: NetSecL Firewall 2.4

Hi!

Can somebody explain the differences between the two versions of the firewall script, the standard and the advanced one?

And what is the best network layout for NetSecL, or to start with: a direct connection to the internet with a modem, or a LAN with a router as DNS server?
I've always used the second one and I hope the NetSecL configuration supports it after installation without configuration, as Slackware does.
I don't pretend to surf the internet, just to see the router and ping it.

Re: NetSecL Firewall 2.4

Hi :),

The difference is that if you want to use snort, you will have to use the advanced firewall script. Set it in rc.firewall (you will see a variable there); in the snort configuration you also have to set your network. If you have a router, just open the script you use by default, rc.standart, set BEHINDROUTER to Y, then save. It should work just fine :)

Yuriy

Re: NetSecL Firewall 2.4

Yeah, it works!
Now I'll have a look at the snort configuration files.

thx

Re: NetSecL Firewall 2.4

Sure it will work ;)