
Thread: Linux firewall

  1. #1
    Senior Member
    Join Date
    Jul 2004
    Posts
    177

    Linux firewall

    I need a firewall for testing purposes and I was wondering what's the fastest way to have a Linux firewall working... I was thinking of iptables with Webmin on some Fedora... Any suggestions?

    Thank you all!

  2. #2
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    If it will be a dedicated box (I hope so) for the firewall and you aren't that good on Linux, I recommend this:
    www.smoothwall.org
    It has Netfilter firewall (a.k.a. iptables), squid, snort, web admin, etc...

    It's a plug-and-play distro. You can also get it on linuxiso.

    However, if you want to learn about firewalls, I may advise you to go to the netfilter command line interface (iptables) and learn how to use it. I think that configuring a firewall with iptables is very good for understanding how a packet-filter firewall works. Netfilter can also be configured to be a stateful firewall.

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  3. #3
    AO Senior Cow-beller
    Moderator
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    If you just need something to pound on, I'd grab a Live linux distro that you like that has IPTables on by default, or just throw Fedora 3, Suse 9.(whatever the latest is), mandrake, etc...one of them, and enable the firewall by default during install. This won't be a completely robust firewall that is tweaked for specific needs, but it will be something to smash your packets against.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  4. #4
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    A while ago, I was playing around with front-ends, more or less specific to iptables.
    It simplifies a lot the configuration of the iptables-rules, so it might be of interest
    for you. In my opinion, it is a good starting point in any case (eg. to understand rule-sets)

    I started with firehol[1].
    --> Phish recommended fwbuilder[2]. That's the way to go in my opinion.
    There is even another project, vuurmuur[3]

    Cheers.

    [1] http://firehol.sourceforge.net/
    http://www.antionline.com/showthread...hlight=firehol
    [2] http://www.fwbuilder.org/
    [3] http://vuurmuur.sourceforge.net/
    If the only tool you have is a hammer, you tend to see every problem as a nail.
    (Abraham Maslow, Psychologist, 1908-70)

  5. #5
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    Thank you all... Smoothwall looks good, as do the other suggestions.

    I'm not a beginner in firewalls (I'm not an expert either!!! ) but I always worked with "precooked" ones... Checkpoint, Sonicwall, etc... It will be interesting to play around with Linux...

    One more time, thank you all. Antionline is an excellent community.

  6. #6
    Senior Member
    Join Date
    May 2002
    Posts
    450
    ... don't overlook IPCop either - a branch off from Smoothwall or the other way around and another dedicated firewall Linux distro.

    I have it running here to protect the home network, runs squid, snort, and traffic shaping - not a bad package at all in a 40mb iso. Content filtering via Dansguardian is also available through an addon package, but requires a bit more RAM to keep it all running nice.

    Like Smoothwall - it takes around 10 minutes to install - so if you break it by over-tweaking - no real harm done, 10 minutes or less and you're back up and running.

  7. #7
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    I installed a Smoothwall and it looks very good. Easy to install, easy to understand and well documented... The DansGuardian option in IPCop is very interesting, I'll check it out.

    Thank you.

  8. #8
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    If you need a firewall on your existing box, if you don't have a spare box, I'd recommend iptables with shorewall, because shorewall is easy to configure and teaches you to handle iptables.

    Cheers
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  9. #9
    Senior Member
    Join Date
    Dec 2004
    Posts
    104
    If you're looking for a GUI iptables firewall (something like what Zone Alarm is for Windows) then I'd suggest Firestarter. I won't say I have personal experience with this package, but from the site it seems to be a good iptables configuration solution for people new to Linux.

  10. #10
    Senior Member
    Join Date
    Jul 2004
    Posts
    177
    What I miss in Smoothwall is the ability to restrict outgoing connections...
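
Added example, not part of any post in this thread and not taken from Smoothwall or IPCop: posts #2 and #10 mention stateful filtering with Netfilter and restricting outgoing connections, so this script generates an `iptables-restore` ruleset for a routing firewall that drops forwarded traffic by default, tracks connection state, and lets LAN hosts open new connections only to an allow-list of ports. The interface names (`eth0` as LAN, `eth1` as WAN) and the port lists are assumptions; NAT/masquerading is left out.

```shell
#!/bin/sh
# Constructed example: interface names and port lists below are assumptions.
LAN_IF="${LAN_IF:-eth0}"        # internal interface (assumed name)
WAN_IF="${WAN_IF:-eth1}"        # external interface (assumed name)
TCP_OUT="${TCP_OUT:-80 443}"    # TCP ports LAN hosts may connect out to
UDP_OUT="${UDP_OUT:-53 123}"    # UDP ports LAN hosts may connect out to

# Accept only decimal port numbers in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print a filter-table ruleset in iptables-restore format.
gen_ruleset() {
    # Validate every port first so a bad entry never yields a partial ruleset.
    for p in $TCP_OUT $UDP_OUT; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"      # default-deny for routed traffic
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Stateful part: drop invalid packets, accept replies to tracked flows.
    echo "-A FORWARD -m conntrack --ctstate INVALID -j DROP"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Egress allow-list: only NEW LAN->WAN flows to listed ports get through.
    for p in $TCP_OUT; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $UDP_OUT; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log whatever else the LAN tries to send out before the policy drops it.
    echo "-A FORWARD -i $LAN_IF -o $WAN_IF -j LOG --log-prefix \"egress-denied: \""
    echo "COMMIT"
}

gen_ruleset
```

On a test box, review the output and check it as root with `iptables-restore --test` before loading it; with `INPUT` set to DROP the firewall itself is only manageable from the console.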
