[Oisf-users] Inline Securita
uxbod at splatnix.net
Mon Feb 10 17:33:16 UTC 2014
I am taking my first tiny steps in setting up Securita on a home-brewed firewall. I have built Securita and downloaded the ET sigs using PulledPork; I think!
Within my iptables configuration I have defined multiple chains for performing different actions, plus I have multiple interfaces defining networks, i.e.:
eth0 -> public
eth1 -> dmz
eth2 -> internal
According to the documentation, IIRC, one would add the following:
iptables -I FORWARD -j NFQUEUE
As I have multiple networks and wish to protect the public facing, I presume I would use something like:
iptables -I FORWARD 1 -i eth0 -j NFQUEUE
So that any new inbound traffic would initially be sent to the NFQUEUE and, if clean, would be returned back to the FORWARD queue for further processing. Does that make sense, please?