Re: Firewall + Portforwarding
Phill,
I found this ipfilter howto http://www.obfuscation.org/ipf/ipf-howto.html to be useful. If you want to go with ipcahins I would recommend reading Linux Firewalls by Robert L. Ziegler. It's focus is 2.2.x with ipchains so it doesn't cover IPtables, but explains firewalling in detail, and give you good examples.
His website is here, and he has a nice little tool online that will write an ipchains script for you. I tried it so I could have a working example. http://www.linux-firewall-tools.com/linux/firewall/index.html
Chris
Phill Kenoyer wrote:
> I have been tasked with the job of setting up a firewall at my company. We have been getting dDoSed a lot and two of our systems were rooted. The dDoS knocks out our 3com router. After paying 300 bux to 3com to fix it, they told us to turn off the 3com firewall stuff and build a firewall box. (nice support).
>
> What I have is a .32/27 network. First I just wanted to put the firewall behind the router. I had a lot of problems getting that to work. I could not find any good FM's on that. All I could figure out was that I needed a Bridge+Firewall.
>
> Now I think that I'm going to put everything on a private subnet and forward ports...(I think).
>
> Network:
> Kernel 2.4.2
> Internet <-> Router <-> Firewall <-> Internal systems
> .33 .40 .1 10.0.0.x
>
> I have been trying for months to figure out the ipchains and iptables stuff, but I think I'm just slow.
>
> Where can I find information on building a firewall of this type?
>
> I just want to protect my servers and do my job. (programming)
>
> --
> _ | _
> (_()(|('.|)('||.|()|`|(
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: