The rc.firewall.txt script is the core on which the rest of the scripts
are based. The rc.firewall file chapter should explain every detail in
the script most thoroughly. It was mainly written for a dual-homed network,
for example one where you have one LAN and one Internet connection. This
script also assumes that you have a static IP to the Internet, and hence
don't use DHCP, PPP, SLIP or some other protocol that assigns you an IP
automatically. If you are looking for a script that will work with those
setups, please take a closer look at the rc.DHCP.firewall.txt script.

The rc.firewall.txt script requires the following options to be compiled
statically into the kernel, or as modules. Without one or more of these, the
script will become more or less flawed, since parts of the functionality it
requires will be unusable. As you change the script, you may need more
options compiled into your kernel, depending on what you want to use.

CONFIG_NETFILTER
CONFIG_IP_NF_CONNTRACK
CONFIG_IP_NF_IPTABLES
CONFIG_IP_NF_MATCH_LIMIT
CONFIG_IP_NF_MATCH_STATE
CONFIG_IP_NF_FILTER
CONFIG_IP_NF_NAT
CONFIG_IP_NF_TARGET_LOG
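
One way to check a kernel configuration against the list above before running the script. This is an added example, not part of the original tutorial or its scripts; the function names, the script name in the usage comment and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original tutorial): check a kernel config file
# for the options listed above, accepting built-in (=y) or module (=m).

REQUIRED_OPTS="CONFIG_NETFILTER CONFIG_IP_NF_CONNTRACK CONFIG_IP_NF_IPTABLES
CONFIG_IP_NF_MATCH_LIMIT CONFIG_IP_NF_MATCH_STATE CONFIG_IP_NF_FILTER
CONFIG_IP_NF_NAT CONFIG_IP_NF_TARGET_LOG"

# sample_config: print a constructed config fragment for demonstration.
# MATCH_LIMIT is explicitly disabled and TARGET_LOG is absent altogether.
sample_config() {
    cat <<'EOF'
CONFIG_NETFILTER=y
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_LIMIT is not set
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
EOF
}

# missing_opts FILE: print every required option not set to y or m in FILE.
missing_opts() {
    cfg=$1
    for opt in $REQUIRED_OPTS; do
        # Anchor on "=" so CONFIG_IP_NF_NAT_NEEDED cannot satisfy CONFIG_IP_NF_NAT.
        if ! grep -Eq "^${opt}=(y|m)\$" "$cfg"; then
            echo "$opt"
        fi
    done
}

# check_config FILE: 0 = all present, 1 = some missing, 2 = file unreadable.
check_config() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    missing=$(missing_opts "$cfg")
    if [ -n "$missing" ]; then
        echo "Missing or disabled in $cfg:" >&2
        echo "$missing" | sed 's/^/  /' >&2
        return 1
    fi
    echo "All options required by rc.firewall.txt are enabled in $cfg"
}

# Usage: sh check-nf-opts.sh /path/to/kernel/.config
if [ $# -gt 0 ]; then check_config "$1"; fi
```

Later kernels renamed several of these symbols, so adjust REQUIRED_OPTS to the names used in your kernel's config.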