Fossapup64: firewall settings

Moderators: 666philb, Forum moderators

Post Reply
newpet
Posts: 36
Joined: Fri Sep 24, 2021 9:29 am
Has thanked: 5 times
Been thanked: 3 times

Fossapup64: firewall settings

Post by newpet »

I'm aware 'iptables' has been replaced by 'nftables' from Ubuntu 20.04, and therefore, I believe, even in Fossapup64. In Tahrpup I was able to choose between different configurations on the run, depending what I had to do, banking, mailing, general browsing, etc. I compiled different iptables lists of commands for different uses, with symlinks for switching between quickly. Very effective and useful.
Now I need to do the same with Fossapup64, but I can't figure out how.
Any idea?

Cheers. :)

williams2
Posts: 1071
Joined: Sat Jul 25, 2020 5:45 pm
Been thanked: 306 times

Re: Fossapup64: firewall settings

Post by williams2 »

FossaPup seems to have support for legacy iptables.

I edited /etc/ppp/firewall-standalone, setting EXTIF=wlan0

Code: Select all

# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -P FORWARD DROP
# 
# iptables -F FORWARD
# iptables -F INPUT
# iptables -F OUTPUT
# 
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
#
# sh /etc/ppp/firewall-standalone 
# 
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
LOG        udp  --  anywhere             anywhere             udp dpts:0:1023 LOG level warning
LOG        tcp  --  anywhere             anywhere             tcp dpts:0:1023 LOG level warning
DROP       udp  --  anywhere             anywhere             udp dpts:0:1023
DROP       tcp  --  anywhere             anywhere             tcp dpts:0:1023
LOG        tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP       tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN
DROP       icmp --  anywhere             anywhere             icmp echo-request

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
#

iptables seems to be setting the rules.
I don't know if the rules are actually doing anything.

EDIT: i tested by adding a rule to drop all tcp packets. It effectively blocked links browser.
To see other iptables commands that are available, type iptables then press the TAB key 2 or 3 times.

Post Reply

Return to “Fossapup64”