Help setting up a dedicated IPtables firewall
From: Frank Harris (phrankster@hotmail.com)
Date: 12/11/02
From: phrankster@hotmail.com (Frank Harris)
Date: 11 Dec 2002 12:35:42 -0800

I am currently running an IPtables firewall on a Red Hat 8.0 Linux
server that also houses mail, dns and web services for multiple
virtual hosts. I am planning on separating each service onto its own
dedicated server, however, I would prefer to not set up an IPtables
firewall on each machine. Instead, I would like a dedicated Linux
server for firewalling between my internet router and the other
servers. I also want to allow other services into some of the machines
(such as ssh and ftp).

I suspect I need two NIC cards for the firewall. One that can talk on
the same network as the internet router, and the other that can talk
to the rest of the servers on my network.

This is an example of what I'm trying to accomplish:

router.somedomain.com     198.123.50.1
firewall1.somedomain.com  198.123.50.2  (nic card 1- external)
firewall2.somedomain.com  192.168.1.1   (nic card 2- internal)

(servers behind firewall)
ns1.somedomain.com        192.168.1.5   (allow dns,ssh)
ns2.somedomain.com        192.168.1.6   (allow dns,ssh)
mail1.somedomain.com      192.168.1.10  (allow pop3,smtp,ssh)
mail2.somedomain.com      192.168.1.11  (allow pop3,smtp,ssh)
www.somedomain.com        192.168.1.20  (allow http,https,ssh)

I would prefer to not use NAT, but I'm not sure if it's a requirement
for the type of firewall/network configuration I want to have.

I'm not entirely sure how to approach this. I'm not real familiar with
IPtables (I used NARC to configure my existing firewall), so I will
need some working examples (or at least some resource I can
reference).

Thanks for your help in advance.

Frank
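
Added example, not part of the original post: a shell script that prints a filter-table ruleset in iptables-restore format for the layout described above, with a default-drop FORWARD policy and one allow rule per host and service. The interface names eth0/eth1, the helper names svc_ports and gen_rules, the ssh-from-inside admin rule and the outbound rule are assumptions; only filtering is covered, which applies whether packets for the 192.168.1.x hosts arrive routed or after DNAT, since the FORWARD chain sees the destination after any PREROUTING translation.

```shell
#!/bin/sh
# Added example: prints a filter-table ruleset in iptables-restore format.
# Addresses and services come from the post; interface names are assumptions.
EXT_IF=eth0   # assumed name of NIC 1 (198.123.50.2, external)
INT_IF=eth1   # assumed name of NIC 2 (192.168.1.1, internal)

# Internal host followed by the services the post wants reachable on it.
HOSTS='192.168.1.5 dns ssh
192.168.1.6 dns ssh
192.168.1.10 pop3 smtp ssh
192.168.1.11 pop3 smtp ssh
192.168.1.20 http https ssh'

# Map a service name to proto:port pairs (standard well-known ports).
svc_ports() {
    case "$1" in
        dns)   echo "udp:53 tcp:53" ;;
        ssh)   echo "tcp:22" ;;
        smtp)  echo "tcp:25" ;;
        pop3)  echo "tcp:110" ;;
        http)  echo "tcp:80" ;;
        https) echo "tcp:443" ;;
        *)     echo "unknown service: $1" >&2; return 1 ;;
    esac
}

gen_rules() {
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Assumption: the firewall itself is administered over ssh from inside.
    echo "-A INPUT -i $INT_IF -p tcp --dport 22 -m state --state NEW -j ACCEPT"
    echo '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Assumption: the servers may open outbound connections (mail, DNS lookups).
    echo "-A FORWARD -i $INT_IF -o $EXT_IF -m state --state NEW -j ACCEPT"
    # Inbound: only the listed host/service pairs; everything else hits DROP.
    echo "$HOSTS" | while read -r ip services; do
        for s in $services; do
            for pp in $(svc_ports "$s"); do
                echo "-A FORWARD -i $EXT_IF -o $INT_IF -d $ip -p ${pp%%:*} --dport ${pp##*:} -m state --state NEW -j ACCEPT"
            done
        done
    done
    echo 'COMMIT'
}

gen_rules
```

Piping the output to iptables-restore --test as root parses the ruleset without committing it.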