Re: What easy firewall front end for woody/bonzai?

To: debian-firewall@lists.debian.org
Subject: Re: What easy firewall front end for woody/bonzai?
From: Pierre Fagrell <pierre@syntaxis.se>
Date: Thu, 15 Jan 2004 13:06:45 +0100
Message-id: <[🔎] 40068255.4090402@syntaxis.se>
In-reply-to: <[🔎] 200401142002.08854.lists1@pilosoft.net>
References: <[🔎] 200401142002.08854.lists1@pilosoft.net>

Hi

I'd recommend shorewall, which is a frontend for iptables there is adebian package so installation is no problem, you'll find howtos formost possible network layouts on the shorewall homepage: www.shorewall.net.


Regards

Pierre Fagrell
lists1 wrote:

I have a woody bonzai install I could use a bit of advice on.
The network consists of a handful of public ip addresses. One of the ipaddresses is behind a nat/firewall and is used for an internal lan ofworkstations. A second ip address will run a server that I need the advicefor. The rest of the ip addresses will not be used at this time.
The second ip address, let's call it .2, will run apache and will have port 80open to the internet (including being open to the nat/firewalled ip addressfor testing and administration). There will be no access between the lan andthe apache server internally through a second ethernet card. The server onlyhas one ethernet card. Adding a second card for internal access is not anoption. Administration will be by ssh'ing into the box from the lan, so thessh port will also be open.
Sometime in the future, the server will also need other ports opened to theinternet, basically mail, bind and several others. I can edit theconfiguration file to open the additional ports from what I've seen from rulesets.
I'm on another list where others have offered to help me with the rule set toget my setup running. But I'm trying to do this myself, or at least getstarted. I'm finding the documentation on iptables and rule sets extremelydifficult to understand. I've looked at some examples, and at several pagesthat automate rule set configuration, but obviously my setup isn't one of theoptions. I also don't know what to do with the rule set(s).Is there a front end to woody that I can use that will help me out in thissituation? I've looked at some of the front ends, but some lackdocumentation or have stopped supporting the app, and quite a few don't havea woody package where I'm looking (the standard stable US/nonUS locationsinstalled by woody). I've also done some google searching for frontends butthe end up in the same situation, old apps or non-woody.
I installed the most recent version of bonzai, including the Xfce windowmanager iirc. I'll be using X only until I get apache working, and then willprobably uninstall X, and if the firewall front end runs on X, it will begone as well.
The front end may answer this question for me, but what do I do with the ruleset once I have it? Put it in directory related to iptables? Run it fromthe command line?
Thanks

Bing.

Reply to:

References:
- What easy firewall front end for woody/bonzai?
  - From: lists1 <lists1@pilosoft.net>

Prev by Date: fwbuilder conversion error
Next by Date: Blokada ip po próbie logowania
Previous by thread: Re: What easy firewall front end for woody/bonzai?
Next by thread: Re: What easy firewall front end for woody/bonzai?
Index(es):
- Date
- Thread