Fedora and Snort HW firewall - Page 2

    #11 (Senior Member, Colorado, joined Mar 2004)
    Originally posted by customwebman:
        Their IP pings at TTL=246
        But the website navigation is like waiting for paint to dry.
        Is this perhaps the firewall in action?
        Are you experiencing the same delays?
        Have a delay here too.

    Smoothwall is a fine firewall for getting feet wet

    Your supposition is just silly. Smoothwall is in wide use and is known to work quite well.
    Could be many reasons for slowness but hey...There is always google which will net a ton
    of hits on "linux firewall"

    #12 (Senior Member, Colorado, joined Mar 2004)
    Originally posted by customwebman:
        ss2chef
        Router is managed by provider of T1, it is open.

        I thought I could put a FW box upstream of router between it and T1
        input.
    Well you would have to get a card to add to your box to terminate your T1
    It's not simply Ethernet
    Then your firewall is really a router now which will provide an interesting session or two
    of rules configuration. All very messy when you can just let your routers route and
    then pass to your firewall.

    In front of your router is the wrong place IMO.

    #13 (Member, joined Aug 2004)
    Linux firewall on Google I have tried, that is why I am asking my peers for advice.

    I'll keep my humor to myself in future.

    #14 (Member, joined Aug 2004)
    ss2chef,

    I take your point, so I should place the hardware between the router and the switch.
    Excuse my ignorance but I have two feeds from router going to different switches.
    Does it follow that I should place another box between second outlet from router
    to second switch? Or is there an easier or better way?

    Thank you

    #15 (Just Another Geek, Rotterdam, Netherlands, joined Jul 2002)
        I'll keep my humor to myself in future.
    Always difficult. Please keep in mind that some (if not most) of us don't speak English as a native language. What might be funny in one language may be offensive in another.
    Also note that written (text) humor is quite different from spoken humor. It's all to do with the way you say it. Correct punctuation and/or smileys can help.

    "It doesn't work so it must be crap." This can be funny when pronounced with some cynicism, but that's hard to put on paper.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

    #16 (Member, joined Aug 2004)
    Should this be my plan?

    Install Smoothwall to PC with two nics and place between router and switch.

    Is there anything else I should consider at this stage?

    #17 (Senior Member, Colorado, joined Mar 2004)
    SirDice makes a good point about the DMZ.
    Is it possible to put the servers open to the UNTRUSTED public on a separate segment?

    I'm cool with humor..really

    Most Linux will provide an IPTABLES offering to you but I like the canned stuff for newer users
    as the rulesets can be a pain with multiple interfaces for users new to netfilter.

    Is an off the shelf product an option?

    #18 (Senior Member, Colorado, joined Mar 2004)
    Originally posted by customwebman:
        Should this be my plan?

        Install Smoothwall to PC with two NICs and place between router and switch.

        Is there anything else I should consider at this stage?
    3 NICs might be better.

    NIC1 = public untrusted interface
    NIC2 = DMZ with both servers behind it
    NIC3 = LAN workstations and whatnot

    How you configure can depend on what IP structure you have.
    Do you only have a single public IP to work with or do you have a block to use?

    Smoothwall is one of many canned options.
    I like it because it has other features like Snort, proxy, and basic bandwidth monitoring for
    each interface. It's also managed via a web page interface, which is nice if you are new to the
    command line on Linux.
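    As a worked example of the three-NIC layout described in post #18 (public/untrusted, DMZ, LAN), here is a netfilter ruleset written for this page; it is an added example, not code from the thread and not Smoothwall's own rules. The interface names, address blocks, server addresses and management ports are assumptions chosen for illustration. It prints the iptables commands by default so the ruleset can be reviewed; run as root with APPLY=1 to apply them.

```shell
#!/bin/sh
# Added example (not from the thread, not Smoothwall's own rules): a
# three-NIC iptables ruleset for the layout in post #18.
# Interface names, address blocks, hosts and ports below are assumptions.
WAN=eth0                    # NIC1: untrusted, cabled to the provider's router
DMZ=eth1                    # NIC2: public-facing servers
LAN=eth2                    # NIC3: workstations
DMZ_NET=203.0.113.0/28      # routed public block for the DMZ (assumed)
LAN_NET=192.168.10.0/24     # private workstation block (assumed)
WEB=203.0.113.2             # web server in the DMZ (assumed)
DNS=203.0.113.3             # DNS server in the DMZ (assumed)
MGMT_PORTS=22,443           # assumed SSH and web-UI ports on the firewall itself

# ipt prints each command (the default) so the ruleset can be reviewed or
# piped into "sh" as root; with APPLY=1 it calls iptables directly.
ipt() {
    if [ "${APPLY:-0}" = 1 ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

build_rules() {
    # Clean slate and default-deny on the chains that see inbound traffic.
    ipt -F
    ipt -X
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT

    # Stateful core: replies to flows accepted below may pass.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Anti-spoofing: nothing arriving from the WAN may carry an inside source.
    ipt -A FORWARD -i "$WAN" -s "$DMZ_NET" -j DROP
    ipt -A FORWARD -i "$WAN" -s "$LAN_NET" -j DROP
    ipt -A INPUT -i "$WAN" -s "$LAN_NET" -j DROP

    # The firewall box itself is managed only from the LAN segment.
    ipt -A INPUT -i "$LAN" -s "$LAN_NET" -p tcp -m multiport --dports "$MGMT_PORTS" -j ACCEPT

    # Internet -> DMZ: only the published services, pinned to the host that runs them.
    ipt -A FORWARD -i "$WAN" -o "$DMZ" -d "$WEB" -p tcp -m multiport --dports 80,443 -j ACCEPT
    ipt -A FORWARD -i "$WAN" -o "$DMZ" -d "$DNS" -p udp --dport 53 -j ACCEPT
    ipt -A FORWARD -i "$WAN" -o "$DMZ" -d "$DNS" -p tcp --dport 53 -j ACCEPT

    # LAN -> Internet and LAN -> DMZ: workstations may open connections outward.
    ipt -A FORWARD -i "$LAN" -s "$LAN_NET" -o "$WAN" -j ACCEPT
    ipt -A FORWARD -i "$LAN" -s "$LAN_NET" -o "$DMZ" -j ACCEPT

    # DMZ -> Internet: servers initiate only what they need (DNS, NTP, updates).
    ipt -A FORWARD -i "$DMZ" -s "$DMZ_NET" -o "$WAN" -p udp -m multiport --dports 53,123 -j ACCEPT
    ipt -A FORWARD -i "$DMZ" -s "$DMZ_NET" -o "$WAN" -p tcp -m multiport --dports 80,443 -j ACCEPT

    # No DMZ -> LAN rule on purpose: a compromised public server cannot start
    # connections into the workstation segment. Log what the default policy
    # drops so Snort alerts and firewall drops can be correlated.
    ipt -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FW-DROP:"
}

build_rules
```

    The script assumes the DMZ hosts keep addresses from a routed public block, as post #19 describes, so no NAT is involved and the box only needs `net.ipv4.ip_forward=1`. With a single public address instead, the DMZ would move to a private range and you would add DNAT rules in the nat table for the published ports plus a MASQUERADE rule for the LAN. The rule that matters most for the DMZ discussion is the one that is absent: nothing lets eth1 initiate towards eth2.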

    #19 (Member, joined Aug 2004)
    Cisco router feeds to eth0 with about a dozen IPs in one block and
    about 120 IPs in another.

    Second, or eth1, feeds about 20 IPs.

    It would be a lot of work to move servers to one block because
    we added as we needed. But it might be possible to isolate most
    on eth0.

    Still need to get the physical layout clear in my mind.

    Servers all within 50 feet.

    Revised plan

    T1 -- router -- smoothwall -- (eth0) webserver, dns, Internet based servers.
                       |
                     (eth1) local net, non critical

    How does this fit in with your suggestions?

    #20 (Senior Member, Colorado, joined Mar 2004)
    Am I mistaken? It looks like in your diagram that localnet is outside any firewall.

    Maybe you need:

    router -- (eth0)smoothwall1(eth1) -- webserver, dns, Internet based servers.
      |
      |
    (eth0)smoothwall2(eth1) -- Localnet

    Okay, now I see your edit.
    Seems we are on the same page now.
