Networking :: Setup Firewall / Sys1 Is Not Connected To Firewall For Testing Purpose?

May 18, 2010

I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.

the IP assignments are follows :

sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )

IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank

sys2 firewall ,IPTABLES )
code....

what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..

then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.

View 3 Replies


ADVERTISEMENT

Networking :: Setup My Firewall To Use Iperf?

Oct 27, 2009

How do i set up my firewall to allow traffic from iperf?

View 6 Replies View Related

Networking :: Setup Firewall In Redhat V5+?

Mar 4, 2009

I'm an it student and a newbie in linux OS.
We have this final project that we have to set-up
a firewall in a linux redhat OS which i totally have no idea ..
i did some research but haven't found the right one.

View 2 Replies View Related

Ubuntu Networking :: Setup A Router With Firewall?

Feb 9, 2010

I want to setup a router with firewall on ubuntu box that will connect windows pcs one serving as outside source and one serving as inside target.

View 2 Replies View Related

Networking :: Setup Iptables Firewall And DMZ With Multiple Public IP's?

Nov 27, 2008

We have a new Bussiness DSL line with 16 public addresses.What we want is to setup a DMZ to run some services and internet to the LAN. Here's a schematic of what we want:

Code:

Backup Internet Main Internet
connection connection
| |
| |
SDSL Modem BDSL Modem

[code]....

The webserver has the following settings:

IP: 12.34.56.125
subnet: 255.255.255.240
gateway: 12.34.56.126

What IPTABLES rules do i need to setup to "see" all IP's in the DMZ-2 from the internet?

View 2 Replies View Related

Networking :: Setup A Firewall In Home Network Environment

May 2, 2010

I am attempting to set up a firewall in my home network environment. the rest of the environment is windows, sorry I am attempting now so bear with me. what I have is a cable modem coming in, then my fedora 11 box with 2 nics, then the wireless router and the rest of the network.

everything works fine until I put the linux box in. If I put the firwall in the firewall sees the internet but the wireless router directly after does not. I am doing something wrong with the dhcp I am guessing. I dont want the firewall to give the address to the network I want the router to. I tried to get the firewall to do it (yum install dhcp leafnode) but it kept saying something didn't work right.

so I figure I will let the cable modem give the firewall an ip and the router give the rest of the network their ip's but how do I get the firewall and router to see each other and allow passthrough?

View 1 Replies View Related

Security :: App For Free Firewall Testing?

Nov 9, 2010

I would like to test my firewall rules. Is there some app or web service where I can do that ?

View 6 Replies View Related

Networking :: Setup Firewall / Gateway Address And Dns / Give To Clients For Accessing Internet?

May 12, 2010

I have 17 system (sys1,sys2,sys3.....sys17) in my office, and i am willing to setup a dedicated system to act as a firewall for that i have selected sys1 with two NIC(eth0 for local network and eth1 for internet) and i have configured to access internet in my office for that i have opened a wellknown port 80.but my clients are not accessing the internet..

and please check my sample IP configuration !!!

interface : eth1 (ISP IP)just for example
IP :192.168.0.2
gateway:192.168.0.1
dns:202.56.230.5
dns:202.56.230.6

Interface : eth0 (my local lan )

192.168.1.1
255.255.255.0

IP address of xp clients ranges form 192.168.1.2 to 192.168.1.16 with default 255.255.255.0

my question is that which gateway address and dns i have to give to my clients for accessing internet ?...

View 1 Replies View Related

Security :: Advanced Firewall And Testing - Block Certain Kinds Of Attacks?

Dec 14, 2010

I launched my website. At the moment the site has an firewall (iptables) enabled with very simple rules. All incoming traffic is blocked, except for the ports http and ssh. Everything is working perfect, but I want also to be able to block certain kinds of attacks. There are some really good examples on the internet, but I don't now if they contain all kinds of attacks which are relevant to my situation. To be clear, I only server web content through port 80 and use ssh to remote login.

View 3 Replies View Related

OpenSUSE Network :: Firewall Logs Are In /var/log/{firewall,warn,messages} - Clutter?

Mar 25, 2011

I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.

View 9 Replies View Related

CentOS 5 Networking :: When I Change Dom0's Firewall Setup, The DomU Will Fail To Connect To Internet?

May 17, 2010

I'm using virtual network (NAT network) for my domU.When I change dom0's firewall setup, the domU will fail to connect to Internet anymore.So far, the only way to bring the network back is reboot dom0 !I try to restart service network and libvirtd on dom0 ... it doesn't work.How can I bring the domU network back without reboot dom0 ?

View 1 Replies View Related

Software :: Build Firewall On Debian With 'Firewall Builder?

May 27, 2011

I'm trying to build firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'

I don't want to be able to configure firewall remotely, so could I use 'lo' as 'management interface'?

View 1 Replies View Related

Security :: Use Iptables As Firewall Instead Of Juniper Firewall?

May 9, 2011

Can we use iptables as firewall instead of Juniper firewall

View 2 Replies View Related

Debian :: Setup A Firewall In System?

Mar 7, 2011

how can i setup a firewall in my system

View 3 Replies View Related

Fedora Security :: How To Do Setup Firewall

Jul 22, 2009

Up until recently, as in a few days ago, I was using Ubuntu and had ufw managing the firewall.It's been "recommended" that iptables itself be used. Where do I do the rules go (as in a file) and how do I call those rules at startup?

View 6 Replies View Related

Ubuntu Security :: UFW - How To Setup Firewall

Jun 21, 2011

I am a Linux newbie so please bear with me if I sound stupid. I was checking out how to set up a firewall for my system and landed on this webpage: [URL]. But I am so confused with how this ufw application works. What I understand is that once I set it to "default deny" it prevents unauthorized incoming connection but what does it mean when the author says to add exceptions for services I need? When do I need to do that? Also what's an SSH server?

View 2 Replies View Related

Debian :: Setup A Good Firewall For Dummies?

Apr 5, 2011

I am running squeeze 6 on amd64 i like to know if there is guide how to setup a good firewall for dummies like me

View 7 Replies View Related

OpenSUSE Network :: Firewall Setup For OpenMPI - Can't Get To Run

Jul 24, 2010

I'm trying to get OpenMPI (a parallel programming library) working on my home system. I have just two machines on it now, t61 and quad, connected through a router. (Which is also connected to cable modem for internet.) I can ssh between the machnes, mount directories with NFS, etc. However, I just can't get the OpenMPI to run. The OpenMPI message board suggested that the most probable cause is that the firewall is blocking TCP. I don't know how to tell if that's the problem, and can't find any manual for the SuSE firewall, while the various Wikis &c that pop up in a search don't provide any information that addresses my problem.

View 9 Replies View Related

Ubuntu :: Ufw Firewall Setup / Other Connections Have Been Blocked?

Aug 3, 2011

I run ubuntu on home pc and am very happy with it. I use internet to surf and to see my email on gmail.com etc. What commands should I give to setup ufw firewall so that only this much is allowed? Also, where can I see if some other connections have been blocked?

View 9 Replies View Related

Debian :: How To Use IPtables - Basic Firewall Setup

May 16, 2010

Recently I have been working on iptables and trying to understand how to use it. Here's a little script I have written to setup a basic firewall for myself:

Code:
#!/bin/bash
if [ `id -u` -ne 0 ]; then
echo "You need root privilege"
exit 1
fi

PROG=/sbin/iptables
$PROG -F
function sethttp {
echo "Opening http port..."
$PROG -A INPUT -p tcp --dport 80 -j ACCEPT
}

function sethttps {
echo "Opening https port..."
$PROG -A INPUT -p tcp --dport 443 -j ACCEPT
}

function settorrent {
echo "Opening torrent port..."
$PROG -A INPUT -p tcp --dport 52413 -j ACCEPT
}

while getopts "hst" option; do
case "$option" in
h) sethttp;;
s) sethttps;;
t) settorrent;;
*) echo "DOH!"
esac
done

$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$PROG -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$PROG -A INPUT -i lo -j ACCEPT
$PROG -A OUTPUT -o lo -j ACCEPT
$PROG -A INPUT -j DROP
$PROG -A FORWARD -j REJECT
echo "Done setting up the firewall! Enjoy :)"
exit 0

OK, this can take 3 arguments that open ports 80, 443 and 52413. And at the end, some default rules are applied. But here's the thing I don't understand:
if I don't give the argument for port 80, I can still view web pages... and also, when I remove the line:

Code:
$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Whether I say it to open port 80 or not, I can't view any web pages.

View 1 Replies View Related

Security :: Firewall Infront Of Router Setup?

Mar 9, 2011

I am trying to setup a firewall using Centos 5.5. The machine has 2 NICs, one connecting to the ISP/Modem and the other connected to a DIR-655 wireless router. The nic is connecting to the internet port on the router.

I do not want DHCP on the Firewall machine but on the wireless router.

[ISP/Modem]<--->[machine eth0]<--->[machine eht1]<--->[DIR-655 internet port]
IP from ISP Dynamic 192.168.1.1 192.168.1.2

IP's on the DIR-655 LAN will be 124.168.0.0/24 network lets say.

I have setup routes on the eth0 192.168.0.0/24 and 124.168.0.0/24
and added 124.168.0.0/24 to eth1.

I can ping eth0 and eth1 but cannot ping 192.168.1.2.

this setup is not actually connected to the internet so I disabled iptables to try testing the ping and still no good.

View 1 Replies View Related

Ubuntu Security :: Shorewall Firewall Setup In Webmin?

Jan 3, 2011

I got Shorewall firewall all Set-up perfect but I'm stuck at 1 last bit. The aim is to let on 2 clients max onto my server. I have the policy setup in webmin as.
Uploaded with ImageShack.us
More than 2 clients can get onto the server. The aim is to have it as a ddos protection allowing 100 clients on and a max burst of 10 clients at a time.

View 3 Replies View Related

Security :: Dedicated Firewall - Network Setup With Two Servers In DMZ

Jan 3, 2011

I currently want to set up a network with 2 Ubuntu servers (mail and web) in a DMZ in order to separate them from an internal network. I want to use a dedicated Linux firewall. This firewall will have 3 network interfaces on it. One network interface will connect to the external router/modem (router and modem in one box), one interface will connect to the DMZ and the other interface will connect to the internal network. The router/modem lets you put, I think it's 1 or 2, interfaces in a DMZ.

But, when I think of any of the dedicated firewall's or servers' interfaces it doesn't make sense to me to put any of them in the router/modem's DMZ (I think it would be better for the dedicated firewall's and the servers' interfaces to have static private I.Ps ie 192.168.2.4 etc right?). What I mean is that even if, as far as the router/modem is concerned, none of the interfaces were in a DMZ, the area where the servers are would still effectively be a perimeter network and with such a set up would still be, effectively,a DMZ, right?

View 7 Replies View Related

Ubuntu Security :: Outbound Firewall Protection (permissive Vs. Restrictive) - What's Setup?

Dec 18, 2010

Using Windows, I always set a Restrictive firewall policy with a third party firewall. But I also had all ports set to Stealth, something that appears to not offer any security benefits (as I've learned from reading Ubuntu forums). I'd like to learn about best security practices (under Ubuntu) for outgoing firewall protection. I will be using the built-in Ubuntu firewall that is configured via Firestarter. Outgoing filtering offers privacy as well as security benefits. But I thought I needed my ports stealthed to be safe too, so I'm open to learning new things.

I wanted to start a poll to find out how many folks use permissive/restrictive, but no polls allowed here apparently.Could Ubuntu users knowledgeable about firewalls enlighten me on whether I should go Outbound-Restrictive and what applications I will need to allow so Ubuntu "housekeeping" is not affected negatively? I basically just use the internet for software updates, web-surfing and e-mail. One question I have is whether there is something comparable in Ubuntu to Window's "DNS Client" service? I always disabled Window's "DNS Client" and forced each application to request port 53 DNS lookups itself.I only had to allow four programs to accomplish all internet traffic that I engage in. I set all other programs/applications to be either Blocked or to have to Ask for an outgoing connection as needed.Here is my former Windows XP setup:

svchost.exe: allow UDP for ports 53, 67, 68, 123 (time) and TCP for ports 80, 443
Avast: allow UDP for port 53 and TCP for port 80
firefox: allow UDP for port 53 and TCP for ports 80, 443
IE: allow UDP for port 53 and TCP for ports 80, 443

View 9 Replies View Related

Red Hat / Fedora :: Firewall - Transferring Existing Setup To Open Source Platform

Feb 5, 2011

Currently I am working on one project in which I am transferring existing setup to Open Source platform. I am having brand new IBM server with two NIC card and want to setup Firewall. I am searching for good solution which suits to me. Which firewall system I should go for? I am thinking of IPCop.

1) Firewall should support OpenVPN
2) Easy to manage for Resident technician
3) Should be block streaming, facebook and others sites.

View 1 Replies View Related

OpenSUSE Network :: Samba And Firewall / Samba Is Not Working When Firewall Is On?

Jul 26, 2010

Samba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?

View 1 Replies View Related

OpenSUSE Network :: GRC Failing Firewall Setup / Set Up With Gibson Research Centre, It Fails?

Apr 21, 2011

Before I go any further I must admit that I'm pretty rubbish at setting these up, so please be gentle!

Now my problem; I have a normal desktop pc (I don't want to set it up as a server) but when I check the hardness of my set up with Gibson Research Centre, it fails. It can see ports 22,23,80,443 as closed but still visible.....? I have never had this happen to me before and struggling my way through yast firewall tool, I can find no easy way of sorting this out.

View 9 Replies View Related

General :: Backup / Setup A Second VPN Tunnel On A Fallback Gateway / Firewall On The Client Side

Mar 1, 2011

I've set up a Lan-to-Lan (routed) OpenVPN tunnel. For redundancy I want to set up a second VPN tunnel on a fallback gateway/firewall on the client side. Currently, both sides (server/client) know how to route packets across each others physical LAN. So no NAT is used. When the primary gateway (fw1) is connected to the VPN server all traffic runs via the fw1 tunnel. Than when the secondary gateway (fw2) connects to the VPN server and fw1 is still connected all traffic for fw1 will be delivered to fw2 and effectively destroying traffic intended for fw1. This is of course no problem if I first shutdown (fence) fw1, than set up fw2 to use the gateway IP address from fw1 and set up the VPN tunnel to the VPN server. Effectively replacing fw1 with fw2 on the client side.
However, I can't seem to find a decent howto.

I am also exploring the possibility to let both tunnels active and let OpenVPN (or another tool) decide how to route packets back and forth the different LANs. A virtual IP between two gateway's both running a VPN or something similar. This would be the preferred method of course. However, I don't know how to tackle this one but I'm pretty sure there are people out there who are happy to share their 2 cents.

View 3 Replies View Related

Networking :: Allow Only Sub Domain In Firewall?

Jun 13, 2011

I have got a centos 5.5 box with 2 interface (WAN & LAN) and trying to configure firewall so that LAN user can browse [URL]...

View 6 Replies View Related

Networking :: Two Webservers Behind A Firewall?

Jan 30, 2011

I have two webservers in differents machines (192.168.1.10 and 192.168.1.20) that hosts two differents domains (www.test1.com and www.test2.com).

I have a machine that acts like firewall with two NICs one to the ADSL router and another to the internal net where the two servers are.

There is a way to route to one or another machine based on the domain name? I've been reading about how to do this with iptables and DNAT but I can't find a propper solution that use domain name as destination instead ip address.

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved