Here is an iptables firewall script that will work well for a single client.

You might want to edit it a bit to remove the references to ${lan}.  This is
only used to "allow all lan traffic".  You also might want to change the IP
address :)

Please don't send this file out publicly.  I would prefer to not have it
"known" what is open and what is not on one of my boxes (even though it is
behind another firewall -- it is mostly a transparent firewall).

Tom Veldhouse
veldy at veldy.net

----- Original Message -----
From: "H-P Christianson" <chri0704 at umn.edu>
To: <tclug-list at mn-linux.org>
Sent: Friday, August 03, 2001 1:41 PM
Subject: [TCLUG] ipchains and ssh


> Hello Linux users!  I am continuing work on my home project box and I want
> to use ipchains to make a sturdy firewall.  (RedHat 7.1).  I want to have
> default policy deny for the input chain, but allow a few things through.
> My question is, how do I let ssh connect to the X server?  I can ssh from
> another linux box with the firewall up, but if I try to run an X program I
> get a "can't connect to X" message.  Also, if anyone knows any good
> references for this kind of home firewalling, I'd be very interested.  All
> of the Howtos I've found deal with multiple boxes on a large commercial
> network.  Thanks in advance.
>
> Hans Christianson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rc.firewall.client
Type: application/octet-stream
Size: 3552 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010803/5c3eb665/rc.firewall.obj