Discussion Forums > Technology

Mac software firewall

<< < (2/2)

rl9009:
You can definitely try my IPTables Firewall rules if you want a Mac software firewall.


--- Code: ---
# Generated by iptables-save v1.4.4 on Tue Dec 22 18:59:03 2009
*nat
:PREROUTING ACCEPT [2965974:3905346829]
:POSTROUTING ACCEPT [1522:96978]
:OUTPUT ACCEPT [6752:508159]
# Port forwarding
COMMIT
# Completed on Tue Dec 22 18:59:03 2009
# Generated by iptables-save v1.4.4 on Tue Dec 22 18:59:03 2009
*filter
:INPUT ACCEPT [4298771:4397921774]
:FORWARD ACCEPT [5578830:2863752069]
:OUTPUT ACCEPT [3642964:402750318]
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -i eth0 -o eth1 -j ACCEPT
COMMIT
# Completed on Tue Dec 22 18:59:03 2009

--- End code ---

I've been using this iptables for quite some time, but you should change it to suit your needs. Besides, why need a firewall when you can just NAT yourself and save all the hard work... No wait, NATing was supposed to solve the problem of IPv4 address exhaustion, not to be implemented as a security solution.

Navigation

[0] Message Index

[*] Previous page

Go to full version