General Support - Setting up Arno's Iptables Firewall LRC - 30.08.2006, 05:05 Uhr Titel: Setting up Arno's Iptables Firewall
I have been scrounging around trying to find a forum dealing with AIF and can find noting exept how easy it is. I would like to setup tinyproxy to work with my browsers and samba without reconfiguring ips and ports etc. Tried that and all I did was muck things up. I'm Very good at that. . The basic set up at my home is as follows:
....router
.......|
M$-hub-Linux
For my internet browsing I want internet-tinyproxy-dansguardian-browser. Now how AIF fits in there I do not know, all I do know is is that I have to configure it right or nothing works. Right now I have AIF running and samba and broswers are working right. I just want things to continue to work right after getting tinyproxy and dansguardian working. I did find this one example that is supposed work that easily with firehol and it is as follows:
tinyproxy:
User nobody
Group nogroup
Port 3128
firehol:
version 5
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP
transparent_squid 8080 "nobody root"
# Accept all client traffic on any interface
interface any world
policy drop
protection strong
client all accept
Now I do have tinyproxy and dansguardian setup right and the one who was using firehol claimed that setting it up in this fashion allowed him to run all his internet and networking tasks without customizing each apt. The confusing thing for me is that there are 2 configure files, /etc/arno-firewall-custom-rules and /etc/arno-iptables-firewall.debconf. Unfortunately I have no clue as to have iptables work and there was little useful information anywhere that I looked that could help me figure out which file to configure (I suspect /etc/arno-firewall-custom-rules) and who to configure them. The complicating facture is that I used aptitude to install and dpkg -reconfigure to setup it up (it does work because I have seen it loading at boot), but names and locations of some of the files they mention have changed since they wrote up the documents which confuses me even more. Is there anyone who knows what fire is doing with that configuration and give the equivalant to what I need to do with the proper file inAIF? I would be very thankful. I do know that there arethose how do not think that there is any need for dansguardian type products. I do not care. I want it.
. The basic set up at my home is as follows: