[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

What easy firewall front end for woody/bonzai?

I have a woody bonzai install I could use a bit of advice on.

The network consists of a handful of public ip addresses.  One of the ip 
addresses is behind a nat/firewall and is used for an internal lan of 
workstations.  A second ip address will run a server that I need the advice 
for.  The rest of the ip addresses will not be used at this time.

The second ip address, let's call it .2, will run apache and will have port 80 
open to the internet (including being open to the nat/firewalled ip address 
for testing and administration).  There will be no access between the lan and 
the apache server internally through a second ethernet card.  The server only 
has one ethernet card. Adding a second card for internal access is not an 
option.  Administration will be by ssh'ing into the box from the lan, so the 
ssh port will also be open.

Sometime in the future, the server will also need other ports opened to the 
internet, basically mail, bind and several others.  I can edit the 
configuration file to open the additional ports from what I've seen from rule 

I'm on another list where others have offered to help me with the rule set to 
get my setup running.  But I'm trying to do this myself, or at least get 
started.  I'm finding the documentation on iptables and rule sets extremely 
difficult to understand.  I've looked at some examples, and at several pages 
that automate rule set configuration, but obviously my setup isn't one of the 
options.  I also don't know what to do with the rule set(s).  

Is there a front end to woody that I can use that will help me out in this 
situation?  I've looked at some of the front ends, but some lack 
documentation or have stopped supporting the app, and quite a few don't have 
a woody package where I'm looking (the standard stable US/nonUS locations 
installed by woody).  I've also done some google searching for frontends but 
the end up in the same situation, old apps or non-woody.

I installed the most recent version of bonzai, including the Xfce window 
manager iirc.  I'll be using X only until I get apache working, and then will 
probably uninstall X, and if the firewall front end runs on X, it will be 
gone as well.

The front end may answer this question for me, but what do I do with the rule 
set once I have it?  Put it in directory related to iptables?  Run it from 
the command line?



Reply to: