Skip to main content

Initial firewall setup

More
18 years 7 months ago #14153 by alerizwe
Hay i want to know how firewall can be deployed and maintained over linux can somebody guide me about how can i learn about operating a firewall over linux.
1.I want to setup a system with 2-3 pc for practice. How i can arrange (setup)
so that one can become firewall and other two pc get behind that firewall.
2. Is iptables a good option for firewall.
3. Howcan i learn abot iptables .... is there a good tutorial that can guide me.

Thanx in advance.
More
18 years 7 months ago #14164 by nske
Replied by nske on topic Re: Initial firewall setup
Hello,

You will first need to familiarize a bit with the OS. For this, I suggest you install a distribution in an available system, or in a virtual pc (see vmware ) and play around referring to the official documentation. The best distribution to learn is, in my opinion, Slackware , it's official documentation is here . An other invaluable free book is the Linux Newbie Administrator Guide .

If you only want to build a firewall and nothing else, perhaps you should try IPCop firewall , a minimal linux distribution for that purpose that also provides a graphical interface for the configuration.

Once you make familiar wth the basics, you can focus on the installation & configuration of the firewall.

1. To properly setup this this, you'll need to put two Network Interfaces (probably ethernet adapters) in the system that will server as firewall. For your experiments, you can connect directly each host to each network interface of the firewall, afterwards you can use switches to allow for better scalability.

2. Iptables is about the only choise for firewall in linux. There are many pieces of software designed to simplify in the procedure of designing and managing security policies, but these work on top of iptables and limit your flexibility in some way. In the end, learning the syntax of IPtables proves essential. As a firewall, iptables is GREAT. It provides every feature possible, makes good use of system resources and is stable enough to be used in production environments.

3. The best starting place, is the official site for IPtables and netfilter. You should start with the howtos (at least "Networking Concepts" and "Packet Filtering") and then choose an unofficial tutorial of those mentioned (personally I like the one from Oskar Andreasson, available here ).
More
18 years 7 months ago #14195 by Ratan
Replied by Ratan on topic Re: Initial firewall setup
IP TABLES is very effective in linux. You can install squid server on one machine and also configure the IP Tables on on it. You may look at this address for my IP Tables. www.linuxquestions.org/questions/showthr...p;highlight=IPTABLES


I hope you got the idea what I want to communicate.

In case of any question you can ask.


Ratan
Time to create page: 0.118 seconds