LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-28-2008, 01:44 AM   #1
sschegondi
LQ Newbie
 
Registered: May 2008
Posts: 3

Rep: Reputation: 0
Question Firewall and file server implementation


I have an established windows network of around 80 machines.
I want to reimplement the network using a centralized firewall and file server on one Redhat enterprise linux machine. The entire network except a couple of systems function on windows. Please suggest me the configuration required for this server and also advise me in steps, the software to be installed and configured for implementing this system.
Thanks in advance
 
Old 05-28-2008, 02:10 AM   #2
grizly
Member
 
Registered: Nov 2006
Location: Melbourne Australia
Distribution: Centos, RHEL, Debian, Ubuntu, Mint
Posts: 128

Rep: Reputation: 16
Its a rather involved process, luckily if you are going the RHEL route, you will have tech support people to phone and they will probably install it to your exacting specifications.

Should you be using the "Idea" of RHEL, but not wanting to pay for it, then may I recommend CentOS, which is binary compatible, but without the logos..

How to enable the CentOS firewall. (looks a lot like the RHEL firewall.. lmao)
http://mirror.centos.org/centos/4/do...allconfig.html

Excellent Samba HOWTO's, show you how to setup your server to serve files.
http://us4.samba.org/samba/docs/man/...TO-Collection/

So, to install and configure this the easiest,

I would read something like this: http://www.howtoforge.com/perfect_setup_fedora_core_5

Then download CentOs: http://mirror.centos.org/centos/5/isos/

Then, during the install, when it asks you what roles you want, select:

FileServer

And thats it.

Then, when it asks you if you want to enable the firewall, enable it!

You will have to configure routing and rules yourself, because that is very network dependant, some sites require inbound VPN's, others need to serve HTTP from a DMZ etc.. its best to tailor that yourself. There are tools online to create the configs for you, this site explains iptables rather well:
http://www.howtoforge.com/linux_iptables_sarge (just read the Red Hat stuff..)

Its a start..
 
Old 05-28-2008, 03:21 AM   #3
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,052

Rep: Reputation: 881Reputation: 881Reputation: 881Reputation: 881Reputation: 881Reputation: 881Reputation: 881
In addition to the excellent reply above, I would just like to give extra emphasis to a few points:
  • Always keep in mind the basic principle of what you are trying to do with a firewall. Block everything, unless it is necessary for what you/your users need.
  • In a situation like this, it would be useful to do some testing to ensure that the firewall is doing what you want it to. You need to think about how you are going to do that.
  • In general, linux firewalls are netfilter/iptables based. There are various things which are touted as firewalls which are really 'easy to use front ends to iptables'. It is good to understand iptables and have a look at the rules that you have in place to see whether there are any surprises there. If you are stuck you may want to look at http://iptables-tutorial.frozentux.n...-tutorial.html
    but that might just be the wrong place to start, for you.
  • In a situation like this, I would consider using Squid (web caching). It probably (slightly) boosts performance, it reduces bandwidth usage, it offers the possibility of controlling and doing some simple monitoring of acesses (blocking websites, listing accessed websites, time-based access controls...).
  • I would also consider caching name look-ups, for performance reasons. Bind is the obvious app for this (although it may be more than is necessary, depending on the complexity of the system).
Given those comments (and given that this is in the Newbie forum) your first stop should be a plan. How are you going to develop/introduce this stuff without causing unacceptable service disruption?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Basic Server (File/print, DHCP, firewall, etc.) for home use Lucky Dragon Linux - Newbie 2 03-24-2007 11:34 PM
Firewall & File Server using Linux on 450 P3, questions. brjoon1021 Linux - Networking 1 06-20-2006 04:57 PM
Linux Router/Firewall/Samba File Server jevansnc Linux - Networking 2 05-01-2006 12:56 AM
Hash File Implementation jwstric2 Programming 3 04-06-2005 12:58 PM
What prevents the implementation of sendfile() from socket to file? shy Programming 12 11-20-2004 02:26 PM


All times are GMT -5. The time now is 07:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration