Linux Firewall

Postby dillona_aix » Sun Oct 16, 2005 1:35 am

I am setting up a Linux Server on my home intranet. I need a firewall solution that will protect my other PCs FROM the server. It seems not to be a common setup. Does anybody have any suggestions?
There are 10 types of people in this world, those who understand binary and those who don't.
dillona_aix
Moderator
Posts: 185
Joined: Sun Sep 11, 2005 9:05 pm
Location: USA

Postby dillona_aix » Sun Oct 16, 2005 2:56 am

After searching Google I realized I could use iptables to do this. I used this command:
iptables -A OUTPUT -d 192.168.1.0/24 -p all -j REJECT

Postby zoli » Sun Oct 16, 2005 9:34 am

Yes... you are on the right track.
Unfortunately, iptables is a whole science in itself.
You may start reading at:
http://www.faqs.org/docs/iptables/
http://home.frognet.net/~aalug/docs/ipt ... ables.html
http://linux-net.osdl.org/index.php/Iproute2

On the other hand, there are some out-of-the-box firewall scripts for simple sites.
To be honest, they look too complicated to read and I was not sure that they work here, therefore I have built polarhome's own tables.

In short: if you want to have a fast solution without knowledge - use scripts.
Otherwise start reading (and be prepared that it requires a whole deal of abstraction and understanding before you succeed).
Regards,
Z
---
Zoltan Arpadffy
zoli
Forum Admin
Posts: 785
Joined: Mon Sep 30, 2002 1:27 am
Location: Stockholm, Sweden

Postby DenisF » Sun Oct 16, 2005 8:13 pm

Why not just put your server in your router's DMZ and change the subnet?
DenisF
Forum Admin
Posts: 679
Joined: Mon Dec 16, 2002 9:09 pm
Location: Israhell

Postby dillona_aix » Mon Oct 17, 2005 4:29 am

Because I need it to be able to access my Internal DNS Server and I need to be able to SSH to it.

Postby dillona_aix » Thu Oct 27, 2005 2:57 am

Hi,
I have put it in the DMZ. What do I change the Subnet to? The router is 192.168.1.1, which I need to access for DNS, outside communication, etc., and the server is 192.168.1.112. The first 11 addresses are already used.

Postby dillona_aix » Mon Oct 31, 2005 4:51 am

Hi,
I got my firewall to work using iptables.

Note to SuSE users:
In this type of setup I do not recommend using SuSEfirewall2. I would chkconfig the firewall daemons off and create a file named /etc/init.d/after.local containing your iptables scripts. This is set to automatically run after your system boots in SuSE by default.
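
As an added example (not code from any poster in this thread): one ordering of OUTPUT rules that keeps the REJECT from the command posted earlier while still allowing the DNS and SSH access mentioned in the later replies. The conntrack match, the port-53 exceptions and the function names are assumptions of this example; the addresses are the ones given in the posts.

```sh
#!/bin/sh
# Added example, not from the thread. Addresses come from the posts above;
# the rule order and the DNS/SSH exceptions are this example's assumptions.
LAN="192.168.1.0/24"     # home subnet named in the thread
ROUTER="192.168.1.1"     # router, also used for DNS per the thread

# Print the OUTPUT-chain rules in the order they must be appended.
# iptables acts on the first matching rule, so ACCEPTs precede the REJECT.
emit_rules() {
    # Replies on connections a LAN host opened to the server (e.g. inbound SSH).
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DNS lookups, to the router only.
    echo "-A OUTPUT -d $ROUTER -p udp --dport 53 -j ACCEPT"
    echo "-A OUTPUT -d $ROUTER -p tcp --dport 53 -j ACCEPT"
    # Anything else the server tries to start toward the LAN is refused.
    echo "-A OUTPUT -d $LAN -j REJECT"
}

# Sanity check: fails if any ACCEPT would be appended after the REJECT,
# where it could never match LAN-bound traffic.
rules_ordered() {
    emit_rules | awk '
        / -j REJECT$/ { seen = 1; next }
        / -j ACCEPT$/ && seen { bad = 1 }
        END { exit bad + 0 }'
}

# Append the rules to the running firewall (root required).
apply_rules() {
    rules_ordered || { echo "rule order is wrong" >&2; return 1; }
    emit_rules | while read -r rule; do
        # $rule is left unquoted on purpose so it splits into arguments.
        iptables $rule || return 1
    done
}

# "sh thisfile apply" changes the firewall; any other call only prints.
case "${1:-}" in
    apply) apply_rules ;;
    *)     emit_rules ;;
esac
```

Traffic to the Internet is not affected by the REJECT, because its destination address lies outside 192.168.1.0/24 even though it passes through the router. The rules are appended, so the OUTPUT chain should not already contain an earlier REJECT for the subnet.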

shorewall firewall - another iptables based solution

Postby anuj_irix » Fri Nov 04, 2005 5:42 am

I would like to add a few comments about shorewall. I tried the same thing and found shorewall quite good/flexible/powerful (a bit complicated).
Shorewall -iptables based firewall
You can use the provided sample files for configuring it, otherwise it can take some time.
Download sample files
cheers
anuj
anuj_irix
Junior Member
 
Posts: 10
Joined: Thu Nov 03, 2005 8:18 am
Location: india

