A month of Mobian
#13
On the firewall todo, I was able to get the firewall working without any issues with the following setup:
1. install iptables-persistent via apt-get
2. Here's a config similar to what I used in /etc/iptables/iptables.v4:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]


# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


# Let ssh in for some hosts
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -s <host to allow> -j ACCEPT
-A INPUT -p icmp -m state --state NEW -s 192.168.6.100 -j ACCEPT


# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IPTABLES IN: "
-A INPUT -j DROP
COMMIT

2. Here's a config similar to what I used in /etc/iptables/iptables.v6:
Code:
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]

# INCOMING traffic on the loopback device
-A INPUT -i lo -j ACCEPT

# ESTABLISHED RELATED TRAFFIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# LOG and DROP remaining traffic
-A INPUT -m limit --limit 15/h --limit-burst 5 -j LOG --log-prefix "IP6TABLES IN: "
-A INPUT -j DROP

COMMIT


As far as I can tell it hasn't blocked any of the normal functionality of the device(calls/sms still work). Though obviously it will depend on your use cases.
  Reply


Messages In This Thread
A month of Mobian - by Ri3qXkW4hjb - 04-08-2021, 02:56 PM
RE: A month of Mobian - by Ri3qXkW4hjb - 04-08-2021, 06:38 PM
RE: A month of Mobian - by MtnSk8 - 04-09-2021, 11:56 PM
RE: A month of Mobian - by kqlnut - 04-11-2021, 04:15 AM
RE: A month of Mobian - by wibble - 04-12-2021, 10:47 AM
RE: A month of Mobian - by kqlnut - 04-13-2021, 02:56 AM
RE: A month of Mobian - by devrtz - 05-01-2021, 08:18 PM
RE: A month of Mobian - by Zebulon Walton - 04-10-2021, 06:14 AM
RE: A month of Mobian - by Ri3qXkW4hjb - 04-10-2021, 12:42 PM
RE: A month of Mobian - by RTP - 04-10-2021, 11:56 PM
RE: A month of Mobian - by Ri3qXkW4hjb - 04-13-2021, 11:54 AM
RE: A month of Mobian - by Ri3qXkW4hjb - 04-29-2021, 01:11 AM
RE: A month of Mobian - by steves - 05-09-2021, 12:15 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  bookworm vs trixie discussion for mobian in pinephone regular. zetabeta 15 1,517 03-25-2024, 09:07 AM
Last Post: anonymous
  cant verify mobian image at website gnugpg penguins_rule 0 70 03-18-2024, 08:54 PM
Last Post: penguins_rule
  mobian installed to eMMC - how to install tow-boot grump_fiddle_reinstall 6 1,719 11-22-2023, 11:46 AM
Last Post: aLoop100o
  What actions needed to keep on mobian testing user641 3 1,691 09-05-2023, 06:44 AM
Last Post: Zebulon Walton
  Mobian boot failed with zstd message after upgrade. Mahgue 0 581 09-01-2023, 11:29 AM
Last Post: Mahgue
  how to update mobian over tor vusra 13 6,544 07-09-2023, 08:57 PM
Last Post: vusra
  opensnitch outbound firewall now works on mobian vusra 2 1,799 07-09-2023, 01:37 AM
Last Post: vusra
  Using Nativefier on PP64 with Mobian paulcarton 0 577 07-05-2023, 03:57 AM
Last Post: paulcarton
  Has anyone got briar-desktop running on mobian? vusra 5 2,863 06-19-2023, 03:02 PM
Last Post: vusra
  Axolotl on PinePhone / Mobian arno_nuehm 219 160,478 03-26-2023, 01:49 AM
Last Post: shulamy

Forum Jump:


Users browsing this thread: 1 Guest(s)