Gateway/Firewall/Network Logs
 

Lets see if i can describe my question right.

I got 2 servers, each on different locations (server 1 and server 2)


I want all traffic on server1 included web browsing, applications etc, be always going through server2, like a gateway. I want the traffic to be encrypted (maybe use VPN?) So if i browse, or any logs pick up ip adresses from applications used by server1, i want it to display the IP adress from server2 (Might be the wrong way to say it).

I always wants server2 to act as an firewall and logserver that logs all the traffic.

I was thinking about using Snort for IPS/IDS solutions and OpenVPN for the traffic, but what can i use as a firewall? Most firewalls i find on google has its own OS/Distribution. Maybe Squid for logs? But squid does not support much protocols.

Distribution on both servers are updated Debian/Ubuntu based.


Guides, software, tips anyone? :)


I consider myself medium knowledge with networking and linux usage so i can read myself through with proper documentation.


So the thing i need is just Howto Guides, tips for software on all things.

If it is any more information you need from me, dont hesitate to ask.


Thanks for your time!

Cheers,

Marius

Alright, do you know something about iptables/netfilter? It's the packet filtering (also firewall) system for Linux. It might solve your problem, you will just have to add another NIC to your "server2" and plug in the "server1", setting the "server1" gateway to your "server2" (the firewall box).

This guide will be very helpful to get a good understanding:
http://iptables-tutorial.frozentux.n...-tutorial.html

Well server 1 is in norway and nr 2 is in france, so its not that easy to just plug server1 onto server2. But i will take a look at iptables at least, to see how it works :)

I see, I didn't get that it was in different geographic locations.

Well, I guess openVPN would be a nice solution in that case...