[ale] iptables for wireless firewall

Joe jknapka at earthlink.net
Thu Apr 10 13:47:25 EDT 2003


Transam <bob at verysecurelinux.com> writes:

> There is not security within a wireless network.  Don't kid yourself
> with firewall rules.  You need a VPN tunnel through the wireless network.

And I have one, and it works great for Linux clients. Problem is, I
have Windows clients on the wireless network, and IPsec is not simple
to set up for them. Even when I think I have it working, it fails
mysteriously on occasion; and even when it works, it only half-works
due to MTU constraints.

So, since getting IPsec to actually *work* under Windows is
impractical, I at least want the Windows wireless boxen not to be able
to hurt anything on the wired LAN. The way I think I can achieve that
is simply, kill any packets from a non-VPN'd wireless box whose
destination is on the wired LAN. Is that a reasonable approach?

Note that I don't much care whether the wireless Windows boxen themselves
are secure. I pretty much consider that a lost cause.

Thanks,

-- Joe Knapka
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list