Re: What easy firewall front end for woody/bonzai?
On Wed, 2004-01-14 at 20:02, lists1 wrote:
> I have a woody bonzai install I could use a bit of advice on.
>
> The network consists of a handful of public ip addresses. One of the ip
> addresses is behind a nat/firewall and is used for an internal lan of
> workstations. A second ip address will run a server that I need the advice
> for. The rest of the ip addresses will not be used at this time.
>
> The second ip address, let's call it .2, will run apache and will have port 80
> open to the internet (including being open to the nat/firewalled ip address
> for testing and administration). There will be no access between the lan and
> the apache server internally through a second ethernet card. The server only
> has one ethernet card. Adding a second card for internal access is not an
> option. Administration will be by ssh'ing into the box from the lan, so the
> ssh port will also be open.
>
> Sometime in the future, the server will also need other ports opened to the
> internet, basically mail, bind and several others. I can edit the
> configuration file to open the additional ports from what I've seen from rule
> sets.
>
> I'm on another list where others have offered to help me with the rule set to
> get my setup running. But I'm trying to do this myself, or at least get
> started. I'm finding the documentation on iptables and rule sets extremely
> difficult to understand. I've looked at some examples, and at several pages
> that automate rule set configuration, but obviously my setup isn't one of the
> options. I also don't know what to do with the rule set(s).
>
> Is there a front end to woody that I can use that will help me out in this
> situation? I've looked at some of the front ends, but some lack
> documentation or have stopped supporting the app, and quite a few don't have
> a woody package where I'm looking (the standard stable US/nonUS locations
> installed by woody). I've also done some google searching for frontends but
> they end up in the same situation, old apps or non-woody.
>
> I installed the most recent version of bonzai, including the Xfce window
> manager iirc. I'll be using X only until I get apache working, and then will
> probably uninstall X, and if the firewall front end runs on X, it will be
> gone as well.
>
> The front end may answer this question for me, but what do I do with the rule
> set once I have it? Put it in a directory related to iptables? Run it from
> the command line?
>
> Thanks
>
> Bing.
> --
>
I've found webmin to be good for administering just about anything,
including iptables.
Just have mozilla installed, ssh in and start mozilla in the
ssh-session, that way you don't have to have a port open for webmin...
Sturla