[Oisf-users] Inline Suricata

Phil Daws uxbod at splatnix.net
Mon Feb 10 17:33:16 UTC 2014


Hello all,

I am taking my first tiny steps in setting up Suricata on a home-brewed firewall.  I have built Suricata and downloaded the ET sigs using PulledPork; I think!

Within my iptables configuration I have defined multiple chains for performing different actions, plus multiple interfaces defining networks, i.e.:

eth0 -> public
eth1 -> dmz
eth2 -> internal

According to the documentation, IIRC, one would add the following:

iptables -I FORWARD -j NFQUEUE

As I have multiple networks and wish to protect the public-facing one, I presume I would use something like:

iptables -I FORWARD 1 -i eth0 -j NFQUEUE

so that any new inbound traffic would initially be sent to the NFQUEUE and, if clean, would be returned to the FORWARD queue for further processing.  Does that make sense, please?

Thank you.
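As an added example (not part of the original post or of Suricata's own documentation), the following script generates the FORWARD rules for the setup described above. It assumes eth0 is the public interface and that Suricata is started with `-q 0`; it queues both directions of traffic crossing eth0, because Suricata needs to see both sides of a flow, and makes the fail-open/fail-closed choice explicit via `--queue-bypass`.

```shell
#!/bin/sh
# Added example: emit the iptables rules that hand forwarded traffic on the
# public interface to Suricata over NFQUEUE. Assumed interface: eth0.
#
# Usage: nfq_rules <public_iface> [queue_num] [fail_open: yes|no]
# Prints the rules; review them, then pipe into sh to apply.
nfq_rules() {
    iface=$1
    qnum=${2:-0}
    fail_open=${3:-no}
    bypass=""
    # --queue-bypass makes the rule ACCEPT when nothing is bound to the
    # queue (e.g. Suricata is down). That is fail-open; without it, packets
    # are dropped while the IPS is not running (fail-closed).
    [ "$fail_open" = "yes" ] && bypass=" --queue-bypass"
    # Queue packets entering *and* leaving the public interface so that
    # Suricata sees both halves of every flow. Packets it accepts are
    # reinjected and continue with the next rule in FORWARD.
    printf 'iptables -I FORWARD 1 -i %s -j NFQUEUE --queue-num %s%s\n' \
        "$iface" "$qnum" "$bypass"
    printf 'iptables -I FORWARD 2 -o %s -j NFQUEUE --queue-num %s%s\n' \
        "$iface" "$qnum" "$bypass"
    # Reminder of the matching Suricata invocation (assumed config path).
    printf '# start Suricata with: suricata -c /etc/suricata/suricata.yaml -q %s\n' \
        "$qnum"
}

# Sanity check: number of NFQUEUE rules the generator produced.
nfq_rule_count() {
    nfq_rules "$@" | grep -c -- "-j NFQUEUE"
}

nfq_rules eth0 0 no
```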
