Isinglass-hzd is a script that creates a firewall to secure dial-up users. Its purpose is to protect users' data by blocking access to unauthorized traffic.
By default, the script assumes that Ethernet interfaces are used for LAN purposes and that the user connects to the internet through some other interface like PPP. It also blocks all services on your system except for Indent requests, which is a great feature for added security.
However, if you'd like to make changes to these settings, you can simply access the /etc/isinglass.conf file. Once you're happy with your configuration, add the line "/usr/sbin/isinglass" at the beginning of your /etc/ppp/ip-up.local script (for those using RedHat) and add it to /etc/rc.d/rc.local.
One of the best things about isinglass-hzd is that it continuously undergoes updates and improvements. Most recently, the latest release adds support for ipchains, the firewalling system used in 2.1 and beyond kernels. It also provides an "isinglass.user" script to specify your user-defined rules, which is run *after* IsinGlass rules are set up.
Lastly, the latest version of isinglass-hzd defaults to denying TCP connection attempts to ports above 1023. This ensures that responses to outgoing packets are allowed by default, giving you peace of mind knowing that your system is protected. Overall, I highly recommend isinglass-hzd as a reliable and effective firewall setup script.
Version 1.14: N/A