Install a simple firewall. I have used Debian Lenny.
Installation an Configuration
# apt-get install arno-iptables-firewall
Message (translated):
A simple firewall configuration can be created by answering
a few questions. This option should choose those who are not
familiar with firewall-related topics (like me).
If you do not want this, the firewall will not work until
you edit the configuration manually.
Would you like to manage the firewall configuration
with debconf?
Selection: yes
Message (translated):
The external interfaces connect this system with unsecured
networks (eg the Internet). The firewall will only allow connection
requests at these interfaces that correspond to explicitly allow
Source-/Target-Port-Combinations. You must specify all external
interfaces (such as eth0 and / or ppp0).
For a ppp-interface
that does not yet exist, the wildcard 'ppp +' can be used. However,
this is only possible if no other ppp interfaces are available!
If no interfaces are specified, no firewall configuration is performed.
Multiple interfaces must be separated with spaces.
External interface:
Input: eth0
Message (translated):
In the default firewall configuration, all specified connection
requests to the external network interface will be rejected. If
this system offers services to the outside world (eg the Internet),
this must be explicitly aktivert.
Please enter all the
TCP port number of services to be accessed from outside the. Some
commonly used ports are: 80 (http), 443 (https) or 22 (ssh).
In addition to individual port and whole areas can be
specified (eg 10000:11000). Multiple entries must be separated
by spaces.
If you are unsure, enter anything here.
Open external TCP ports
Input: 80,137,138,139
Note: The system is a web server and provides access via Samba on.
Message (translated):
In the default firewall configuration, all incoming connection
requests to the external network interface will be rejected. If
this system offers services to the outside world (eg the Internet),
this must be explicitly enabled.
Please enter all UDP port numbers to services to be accessed
from outside the.
In addition to individual port numbers and whole areas can
be specified (eg 10000:11000). Multiple entries must be separated by spaces.
If you are unsure, enter anything here.
Open external UDP ports:
Input: 137 138 139
Note: The system offers access via Samba.
Message (translated):
The internal network interface to connect this system to
trusted networks (eg home or office network., The firewall will
allow traffic from these networks. Become such interfaces specified,
it is possible to allow internet access for networks on these interfaces.
If no such interfaces are present, this field should be left blank.
Multiple interfaces must be separated with spaces.
Internal network interface
Input: - no entry -
Message (translated):
For safety reasons, the (new) firewall configuration is
not automatically enabled. You may want a manual inspection
of the firewall configuration in /etc/arno-iptables-firewall/firewall.conf
perform, especially if you are upgrading to a new version, because
configuration variables might have changed.
If you want a firewall configuration vr manually load the
next reboot, run 'invoke-rc.d arno-iptables-firewall start' from.
If you do not want manual inspection, the firewall configuration
can now be loaded.
The firewall should now be (re)started?
Selection: yes
The system operates.
It appears again this message:
For safety reasons, the (new) firewall configuration is not
automatically enabled. You may want a manual inspection of the
firewall configuration in / etc / arno-iptables-firewall / firewall.conf
perform, especially if you are upgrading to a new version, because
configuration variables might have changed.
If you want a firewall configuration vr manually load the next
reboot, run 'invoke-rc.d arno-iptables-firewall start' from.
If you do not want manual inspection, the firewall configuration can now be loaded.
The firewall should now be (re) started?
Selection: yes
Message: All firewall rules applied.
In /etc/arno-iptables-firewall/debconf.cfg you can see the settings change if necessary.
# /etc/init.d/arno-iptables-firewall restart