Networking :: Install And Configure Hardware Firewall In Centos?
Feb 24, 2011
I have CentOS with the software firewall enabled, but I want to set up a hardware firewall. Can anybody guide me on how to install and configure a hardware firewall in CentOS?
View 3 Replies
Jan 24, 2010
I'm stuck at a server with OpenNA installed, which has no relation with CentOS, but if anyone knows the GIPTABLES firewall, please point me somewhere I can get configuring. I need to open 2 custom ports but I just can't get it to work.
View 2 Replies
Jan 21, 2011
I am running a CentOS 5.5 server and can't synchronize with time servers via ntpd. My server sits behind a firewall with only port 80 open and I suspect this is the issue. Do I need to open other ports to connect to the time servers at [URL]?
View 4 Replies
Sep 29, 2010
I need to set up my CentOS computer as a firewall in my home network. I've got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping (icmp) and DNS. How do I do this? I've tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
Jun 15, 2011
How do I set up CentOS to act as a router and firewall at our office? I just installed the OS and now I don't know where to go from here. I have all the ISP addresses, DNS and gateway. Any assistance is welcome because I am really interested in learning Linux. Thanks. I used some instructions on this site [URL] and when I try the /sysctl.config on my terminal I now get the message permission denied.
View 5 Replies
Apr 26, 2010
I am encountering problems configuring my firewall (through iptables) to allow apt-get features, like update and install. I have the latest debian server running in a virtual machine in my windows xp and therefore I have two interfaces in this debian server:
- NAT Interface inet: 10.0.2.15
- Host Only Interface inet: 192.168.56.101
So far my iptables rules drop all packets by default, with the exception of icmp and ssh, which I allow in order to ping and connect from my windows xp. For both of them I use only the Host interface (192...) to connect to another 192... interface on my windows.
Those are working fine, but apt is not. I know, in this very moment it shouldn't. But I made a lot of attempts trying to configure iptables to allow connections through the 80 and 21 ports from/to NAT and Host. I think I made all possible combinations (or not, because it didn't work). But I'm wondering if someone more experienced can help me solve this problem.
View 11 Replies
Apr 6, 2011
I need to restrict access to the internet and keep unwanted software out of LAN with 45 workstations at the school I teach at. I thought about configuring a proxy and firewall on SuSE 11.4?
View 9 Replies
Mar 28, 2010
I have tried various rules, like opening port 53 for the DNS, with little success. I finally figured that you need to set the source port to 53 and NOT the destination port. However, I have been unable to figure out what ports apt-get requires. The only way I get it to work is to accept everything in iptables.
View 1 Replies
Oct 13, 2010
I have a question about telnet. Is there any way to configure a telnet server without disabling the firewall? I am using redhat 5.2 and fedora 12. I have a lack of knowledge about firewalls.
View 1 Replies
Jun 17, 2010
I want to install and configure a VPN server on CentOS 5.5 final. I want it to work like this: my server is in another city or country, I want to connect to it in another city or country and use the remote server's internet on my computer.
View 1 Replies
Aug 13, 2009
I'm at my wits end at this point.
CentOS 5
iptables 1.4.1.1
APF 9.7
Webmin 1.4.80 (yes, I can be a GUI noob at times)
I'm currently running a dedicated server that hosts a couple of sites and runs a game server or two. I was using iptables on its own for a while, but recently I'm a target of all sorts of attacks (typically aimed directly at the gameserver on port 7777: UDP flood attacks, etc). I'm also seeing a spike in foreign spam, SSH brutes, and a few people in Turkey thought it would be cute to download files over and over and over. I have decided to start banning entire countries, using the subnets listed here [URL]... I'm trying to block Central and South America (189,190,200,201.x.x.x), China, Ukraine, Turkey, Iran, Spain and Italy. I do this because a majority of the traffic from those areas is usually up to no good.
I installed APF so I could easily add these ranges in deny_hosts.rules and be done with it. I added the ranges, which turned out to be too many, and the system tanked. I decreased the amount of ranges to just 4:
189.0.0.0/8
190.0.0.0/8
200.0.0.0/8
201.0.0.0/8
Restarted APF and it loaded fine. Do an apf --list and iptables --list and it shows those 4 ranges as blocked. The only issue... I have people from 190.x and 200.x connecting to the gameserver and PLAYING. It's as if the firewall isn't there. Also, adding those ranges to /etc/hosts.deny (or whatever) doesn't block them either.
I add one of my own IPs and I get blocked instantly. WTF?? I look in the iptables for webmin, and it shows an empty firewall. I do iptables --list and it shows the ranges I added in APF. I'm looking at building (or whatever it's called) a fresh iptables with the geoip module added in. [URL]...
I've never done anything like this, and I don't want to kill the box. I also don't want to spend the effort if 1) something is wrong with my system to begin with and 2) the geoip module doesn't work. geoip module aside... how exactly should I configure the firewall? Empty iptables completely and then rely on APF for everything? Oh, and here's another tidbit: I tried this before 2 years ago and it used to be that anything I put in APF would show when I looked at iptables using the webmin module. That's no longer the case now. That was also on CentOS 4 when it did that. I don't know if moving to 5 is what's preventing it now.
In a nutshell, I'm new at this and I'm being inundated with terrible people trying to do terrible things and I'm ready to just give up. Can someone just give me a quick rundown on:
1) how to test that my firewall is actually firewalling
2) how I should configure the/a firewall on this CentOS 5. Not too specific, I just want to know if I should empty iptables then load APF, should I not bother with APF (I like it when it works), is there a specific order of doing things?
View 8 Replies
Jan 22, 2009
I've got a home firewall setup running CentOS 5.2. It's got two wired interfaces, inside and out, and I'm successfully using iptables to filter and NAT traffic in and out as expected. Recently I've added an AirLink101 AWLH4030 wireless NIC that is recognized as the AR5212/AR5213 chipset. It appears that I have everything configured properly and I've eradicated every error encountered so far. Currently, I have my ath0 interface up and essid set but am unable to connect or even see the AP from my laptop. Here is a metric shit ton of debug/output for any networking gurus to ponder over:
Ethernet Devices:
Code:
alias lsEth='lspci -v | grep "Ethernet" -A 7'
Code:
lsEth
01:09.0 Ethernet controller: VIA Technologies, Inc. VT6105 [Rhine-III] (rev 86)
Subsystem: D-Link System Inc Unknown device 1406
Flags: bus master, stepping, medium devsel, latency 64, IRQ 209
[code]...
View 2 Replies
Jul 28, 2010
I have just installed CentOS and it is working fine! I made a masquerade with the document there: I didn't use the script, because right now I do not completely understand it, and obviously I am not modifying anything by leaving it like that. I was using Mandriva before and I am used to graphical tools. My questions are: I add the following lines in my iptables:
[root@localhost ~]# service iptables stop
[root@localhost ~]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
[root@localhost ~]# service iptables save
[code]....
View 1 Replies
Aug 10, 2010
How do I know what sound system my CentOS 5.5 install is using and how would I configure which soundcard output to use? I want to use the digital coax output from my M-Audio PCI soundcard, which appears to be detected and loaded. When I launch MPD, it autodetects an alsa sound system, but programs like alsamixer don't exist and I can't hear any sound out of the digital coax output. I haven't checked the 3.5mm stereo out yet. A little confused as to which documentation to be looking at at this point.
View 9 Replies
Jan 25, 2011
I will be relocating to a permanent residence sometime in the next year or two. I've recently begun thinking about the best way to implement a home-based network. It occurred to me that the most elegant solution might be the use of VM technology to eliminate as much hardware and wiring as possible. My thinking is this: Install a multi-core system and configure it to run several VMs, one each for a firewall, a caching proxy server, a mail server, a web server. Additionally, I would like to run 2-4 VMs as remote (RDP) workstations, using diskless workstations to boot the VMs over powerline ethernet. The latest powerline technology (available later this year) will allow multiple devices on a residential circuit operating at near gigabit speed, just like legacy wired networks.
In theory, the above would allow me to consolidate everything but the diskless workstations on a single server and eliminate all wired (and wireless) connections except the broadband connection to the Internet and the cabling to the nearest power outlets. It appears technically possible, but I'm not sure about the various virtual connections among VMs. In theory, each VM should be able to communicate with the other as if it was on the same network via the server data bus, but what about setting up firewall zones? Any internal I/O bandwidth bottlenecks? Any other potential "gotchas", caveats, issues? (Other than the obvious requirement of having enough CPU and RAM.) Any thoughts or observations welcome, especially if they are from real world experience in a VM environment. BTW, in case you're wondering why I'm posting here, it's because I run Debian on all my workstations/servers (running VirtualBox as a VM for Windows XP on one workstation).
View 14 Replies
May 18, 2010
I am learning to set up a firewall in my home. For that I have selected four systems (sys1, sys2 ... sys4) for testing. I have configured sys2 to act as a firewall with two NICs. sys3 and sys4 are inside the firewall. sys1 is not connected to the firewall, for testing purposes.
The IP assignments are as follows:
sys1 : ( fedora, not connected to firewall, I am thinking, but I am not sure )
IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank
sys2 : ( firewall, IPTABLES )
code....
What happened is that sys1 (not connected to firewall) can ssh to sys4 (connected, inside firewall), since the rules are written not to ssh from sys1 to sys4.
Then I came to know that whatever request I give goes directly as sys1 --> sys4, not as sys1 --> sys2 (firewall) --> sys4, and the firewall is not filtering or processing anything for either inbound or outbound (I think it's my mistake somewhere). The requests are going directly inside without the firewall.
View 3 Replies
May 17, 2010
I'm using a virtual network (NAT network) for my domU. When I change dom0's firewall setup, the domU fails to connect to the Internet anymore. So far, the only way to bring the network back is to reboot dom0! I tried to restart service network and libvirtd on dom0 ... it doesn't work. How can I bring the domU network back without rebooting dom0?
View 1 Replies
Dec 29, 2009
I am brand new to this forum! I have spent some time on other Linux forums but based on my usage of CentOS I figured that it would be best to come straight to the pros. I've been using CentOS for a while now, mostly as a web server. Actually I use it as the base and installed Parallels Plesk Control Panel.
Anyway, I want to set up a VPN and so far I haven't found any real solid documentation on how to do that! Yes, I could install DAG/RPM Forge, but what I really want is to know how to do it from scratch. What I mean by scratch is that I want to download the tar.gz package from openvpn.net and then build it as required. I don't know much about building or compiling a package, so that is why I have come here for help! I am guessing that I need to compile openVPN with openSSL and probably a few other packages... I could use openSWAN but I don't want to.
View 6 Replies
May 6, 2011
Which is the best firewall in Ubuntu 10.10 and how do I configure it so that hackers do not get access to my computer? I also use torrent.
View 4 Replies
Feb 27, 2011
How do I configure the firewall? Is there a firewall or do I have to install one? I can't find an app anywhere in the menu. Running 10.10.
View 5 Replies
Jul 16, 2010
How do I configure a spare pc as a firewall for my home and what distro would I use?
View 1 Replies
May 12, 2010
Is it possible to install and configure RHN on CentOS?
View 4 Replies
Nov 30, 2009
I had tried and completed configuring DHCP through the dhcpd.conf file and now I am stuck at configuring DNS. How do I configure DNS on CentOS?
View 2 Replies
Dec 16, 2010
How to configure my firestarter firewall. I have a website which requires port 1935 to be open. I figured out how to open the port using firestarter. Is there any way to make the port open only to this website, and not to every other website, for security reasons of course?
View 4 Replies
Mar 5, 2011
I'm looking forward to the release of openSUSE 11.4, which I'm looking to install as an Internet facing gateway on a mini-ITX machine with 2 Ethernet cards. As such I've been reading up on the YaST Firewall trying to find out how to configure it, and there's one thing I'd like to be able to do: 'stealth' all the firewall ports.
In other words, if someone were to hypothetically do a port scan of my external IP address, I would rather they not know whether any of the ports on my gateway are open or closed, so instead of replying with the status of those ports the packets get dropped. I've been able to do this with a product called Astaro Security Gateway, which I currently have installed on a second hand Dell Optiplex machine, but I am now looking into the possibility of installing this as a virtual machine inside an openSUSE 11.4 host (extra level of security) and would like the same functionality for the host OS.
View 9 Replies
Mar 29, 2010
I want to configure a firewall in Ubuntu 9.10...
View 2 Replies
Feb 10, 2010
How can I install and configure Apache-Ant?
View 1 Replies
Feb 18, 2010
I'm having this issue with a Linux server that thinks it owns an IP that it doesn't. Background: We used to have a central server connected directly to the DSL modem with two interfaces. Interface eth1 was set up to respond to three of our external IPs; I'll call them ext54, ext55, and ext56. The internal interface, eth0, was set up as a gateway for the LAN on IP 192.168.0.1.
We wanted to install a hardware firewall and virtualize the existing server. So now it's set up so that the WAN interface of m0n0wall is connected directly to the DSL modem and responds to ext54, ext55, and ext56 and its LAN interface is the gateway for the 192.168.2.0 network. The server was virtualized and its eth1 configuration was changed to be 192.168.2.2 with a gateway of 192.168.2.1. Everything seemed to be working fine.
Problem: The server runs apache for our webmail system, which works fine from the outside (since I have m0n0wall NAT port 80 through to 192.168.2.2), but inside it fails.
As best as I can figure, the server (which is Linux CentOS 4.3) thinks that it should still respond to IP ext54 instead of forwarding it on to m0n0wall to figure out where it should go. I've looked through all the config files I can think of on the Linux server (ifconfig, route table, hosts file) and I can't see anything that would make the server think it is ext54. I've also checked the logs and config of m0n0wall to see if the packets are getting dropped, and again, I don't see anything.
I guess I should say that our DSL provider gives us the IPs ext54, ext55, ext56, ext57, and ext58. When I tracert the IPs on the server, ext54, ext55, and ext56 don't hop at all, as if the server itself serves those IPs, but ext57 and ext58 tracerts hop to the m0n0wall gateway correctly... which makes this even crazier in my opinion.
View 6 Replies
Jan 1, 2011
I've got my server mostly configured with Samba file shares - I can access from Linux and OSX computers. I've enabled Samba Client and Samba Server in the openSUSE firewall settings (on the server), but Windows 7 can't seem to connect. I've been trying to tweak registry keys in Windows and such, but had no luck. However, when I turned off the firewall on the server, I was instantly able to connect. Is there some other service or port I need to open for Windows 7?
View 4 Replies
Apr 27, 2011
I am a novice user of Linux. I need to know how to configure the firewall so my system can't be compromised... In Windows my system was greatly compromised. Keyloggers were installed without my approval and my desktop was taken over remotely. What should I do so that no software can be installed without my knowledge, and so I can close all ports and only open whichever port is required to be open? What should I do so my desktop can't be taken over remotely? How do I configure user rights, so that except me no one can install any software? I will have another general user id for internet surfing.
View 3 Replies