Re: Configuring a machine to use Redhat as a firewall

From: sire (sire@nospam.net)
Date: 05/19/02


From: "sire" <sire@nospam.net>
Date: Mon, 20 May 2002 02:41:55 +0800

What I did for a dialup + 1 nic >>

I installed 7.2 "custom install"

Ip 192.168.0.1 subnet 255.255.255.0 default gateway etc leave blank

I selected only router/firewall + checked the "select individual packets"
option

I then removed almost all of them [keeping wvdial + ppp etc]

Once it was installed I made sure no services were starting [even iptables +
ipchains]

Then I read the IP-Masquerade-HOWTO skipping the kernel stuff and jumped to
the simple firewall rules for 2.4 kernels

The firewall was running in a few hours [1st 1 I ever made]

That's as far as I got b4 joining this list =]

I guess from here the rules can be tweaked [the how-to has stronger rules +
I gotta read more =], the firewall scanned for holes/open ports using
whatever tools you can find, and some kinda intrusion detection installed,
this part I haven't got to yet but there seems to be a lot of logging utils
[portsentry, tripwire etc]

dunno if this helps..

sire
firewall newbie =]
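
An added example (not part of sire's post, and not the IP-Masquerade-HOWTO's own ruleset): a small generator for a default-deny masquerading ruleset matching the dialup + 1 NIC setup described above. The interface names ppp0 and eth0, the function name masq_rules, and the network 192.168.0.0/24 (taken from the post's 192.168.0.1 / 255.255.255.0) are assumptions.

```shell
#!/bin/sh
# Added example, not from the post. Assumed names: ppp0 (dialup link),
# eth0 (the single NIC), 192.168.0.0/24 (LAN behind 192.168.0.1).

# masq_rules EXTIF INTIF LAN_CIDR
# Prints an iptables-restore ruleset: NAT for the LAN, default-deny otherwise.
masq_rules() {
    extif=$1 intif=$2 lan=$3
    # Validate arguments so they cannot inject extra rule text.
    for ifname in "$extif" "$intif"; do
        case $ifname in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface: $ifname" >&2; return 1 ;;
        esac
    done
    case $lan in
        ''|*[!0-9./]*) echo "bad network: $lan" >&2; return 1 ;;
    esac
    printf '%s\n' "$lan" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' ||
        { echo "bad network: $lan" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $extif -s $lan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $intif -s $lan -j ACCEPT
-A INPUT -i $extif -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $intif -o $extif -s $lan -j ACCEPT
-A FORWARD -i $extif -o $intif -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -j LOG --log-prefix "FWD-DROP: "
COMMIT
EOF
}

# Usage (as root, with forwarding on: echo 1 > /proc/sys/net/ipv4/ip_forward):
#   masq_rules ppp0 eth0 192.168.0.0/24 | iptables-restore
```

Nothing from the dialup side is accepted unless it belongs to a connection the LAN or the firewall itself opened, and dropped forwards are logged so they show up in syslog.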


