[CS-FSLUG] Firewall fights

Ed Hurst ehurst at asisaid.com
Tue Jan 24 19:00:32 CST 2006


I've tried to read the HOWTOs on IPTables and so forth, and I just don't 
get it. There's a sense in which I can parse what the lines in a 
firewall say, but I have no idea what should be in a firewall, and why.

On distros that hold your hand building a firewall, I'm usually just 
fine. FreeBSD has a standard firewall script that's exceedingly well 
commented, so I can understand it enough to make it work. Debian has no 
such thing. Kanotix uses Shorewall, but I don't get some of the 
questions, so I ended with a firewall too tight. I am currently using 
Quicktables, but I've had to run the script a dozen times reworking the 
few questions it asks, and still I'm having trouble with my DSL 
connection. This is trouble I don't have on FreeBSD and CentOS.

I'm quite certain it's not the connection itself, because I tested other 
OSes on the same modem. Is there anyone here who can take a look at my 
script and make adjustments? For example, I started with logging all 
dropped packets. I got tons of TCP ACK RST from port 80 on sites I 
visit. Is this a timeout issue, or am I blocking something I shouldn't?

-- 
Ed Hurst
----------
Bible Application - http://ed.asisaid.com/bible/index.html
Plain & Simple Computer Help - http://ed.asisaid.com/
Mission, Method & Means - http://ed.asisaid.com/blog/



