Questions on IPTables & N900
 

Hi,
Can anyone tell me how to install iptables firewall on N900?

As far as I am aware, the default kernel is not compatible with iptables, or is it?
If it's not, how do I install both the compatible kernel and the iptables itself?

I've found some posts which are related to my question but since I am new to Linux I still couldn't understand how to install them :confused:

Also, if the default kernel of N900 is not compatible with iptables and if I do a firmware upgrade on my N900, will the compatible kernel got replaced so that I will have to reinstall it again?

Thank you in advance. ;)

P.S.: If there's something wrong with what I said, please correct me since I'm not sure if I understood those things properly. All I want is a firewall :D

Re: Questions on IPTables & N900
 

any answer please? :confused:

by the way, I've just found iptables package here:
http://maemo.org/packages/view/iptables/

Can I just use it?
Which one should I download?
And do I just install the deb file?

Re: Questions on IPTables & N900
 

correct, iptables is a kernel module in linux but i not in the fremntle kernel.

you would need to compile your own kernel and put it in an image and flash the device with it I believe. Not ure if you cn recompile kernel on device, but I doubt it
If you are new to linux, maybe try recopiling a kernel on a desktop distro first before trying it on such a customized embedded kind of device. I am no stranger to linux or even custom kernels, but recompiling a kernel for such a specific device is more thn I want to bite off for sure.

yes, most likely. the firmware updates just rewrite that entire part of the filesystem i believe

well, the device is not really running ny service so a firewall isn't really necessary, IMO

Re: Questions on IPTables & N900
 

Thank you for your answer. :)

By the way, can I just use the package here and how do I use it?:
http://maemo.org/packages/view/iptables/

The explanation says that:
Does this mean that it includes the kernel? :confused:


Does the device block all incoming connections by default?

Re: Questions on IPTables & N900
 

There is sshd available and working for N900.

Re: Questions on IPTables & N900
 

Thanks. This answers my question on whether the device blocks all incoming connections by default or not. :)

I still need some help on iptables though :(

Re: Questions on IPTables & N900
 

Also discussed in this thread.

I'm still not 100% sure you cannot not do very basic iptables (setting input policy to drop for example) with the stock kernel.

I have not tried it and I'm running a custom kernel because I'm developing a mobile hotspot.

Compiling a new kernel (or just modules in case they do not require any special/extended symbols in the kernel proper, but netfilter does...) is not really that hard once you have a working scratchbox (see for example the bottom of the hotspot project page).

There is also kernel-maemo which is a (separate) custom kernel with even more features than the hotspot one (which basically adds only netfilter and qos).

As for "sshd available and working" only if you explicitly install it.

Re: Questions on IPTables & N900
 

By stock kernel, did you mean the default kernel which came with the device?
And if it is, has anyone tried?

Re: Questions on IPTables & N900
 

I think this basic iptables suit my needs enough.
All I want is to block all incoming connection and block unused outgoing ports, allowing only outgoing ports that I use.

Re: Questions on IPTables & N900
 

Can anyone help me further? :( :( :(