... to keep the bad guys out until you cruise up the learning curve:
** eth0 - facing your network
** eth1 - facing the Internet
iptables -A INPUT -i eth1 -m state --state INVALID,NEW -j DROP
iptables -A FORWARD -i eth1 -m state --state INVALID,NEW -j DROP
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Also, if you're having trouble with an FTP client,
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
Linux Guruz is a good place to get fw scripts but more importantly, an excellent place to learn by example.
Now go mangle some packets :)
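An added check, not part of the original post: the function below reads `iptables-save` output and reports which of the three rules above are absent for the Internet-facing interface. The function name `missing_rules` and both sample dumps are constructed for illustration; the newer `-m conntrack --ctstate` spelling of the state match is accepted as equivalent.

```shell
#!/bin/sh
# missing_rules WAN_IF: read `iptables-save` output on stdin, print one line per
# rule from the post that is absent for WAN_IF; exit status 0 only if all exist.
missing_rules() {
    awk -v wan="$1" '
        BEGIN { st = "-m (state --state|conntrack --ctstate) INVALID,NEW" }
        /^\*/ { table = substr($0, 2); next }   # "*filter" / "*nat" open a table
        table == "filter" && $0 ~ ("^-A INPUT -i " wan " " st " -j DROP$")   { inp = 1 }
        table == "filter" && $0 ~ ("^-A FORWARD -i " wan " " st " -j DROP$") { fwd = 1 }
        table == "nat" && $0 ~ ("^-A POSTROUTING -o " wan " -j MASQUERADE$") { nat = 1 }
        END {
            if (!inp) print "missing: filter INPUT -i " wan " INVALID,NEW -j DROP"
            if (!fwd) print "missing: filter FORWARD -i " wan " INVALID,NEW -j DROP"
            if (!nat) print "missing: nat POSTROUTING -o " wan " -j MASQUERADE"
            exit !(inp && fwd && nat)
        }'
}

# Constructed sample dumps (not captured from a real host).
sample_complete() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -i eth1 -m state --state INVALID,NEW -j DROP
-A FORWARD -i eth1 -m state --state INVALID,NEW -j DROP
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
}

# Same ruleset, but the FORWARD rule was bound to the LAN side (eth0) by mistake.
sample_partial() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -i eth1 -m conntrack --ctstate INVALID,NEW -j DROP
-A FORWARD -i eth0 -m state --state INVALID,NEW -j DROP
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
}

sample_partial | missing_rules eth1 || true
```

On a live gateway the same function can be fed with `iptables-save | missing_rules eth1` as root.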