LinuxQuestions.org - Creating a Linux FIREWALL

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Creating a Linux FIREWALL (https://www.linuxquestions.org/questions/linux-security-4/creating-a-linux-firewall-485913/)

Creating a Linux FIREWALL

-hello guys i am trying to setup a linux firewall for the company that i worked so far i installed squid and firestarter(is this good?). what woul i need to do to create a good firewall to protect our network.

try this:

http://www.redwall-firewall.com/

or

http://ipcop.org/

well i do not use it. i built own firewall script and squid+dansguardian+sarg on redhat distro.

Quote:

Originally Posted by SBN

-what woul i need to do to create a good firewall to protect our network.

*You got to understand about what are the protocols, packets, ports to allow from this box.
*You got to understand what are the services being offered by your firewall box & hence allow their access to needfull clients.
*I Would also suggest to not to configure it all by yourself if you are new at it as this box has further direct access to internet or probably get your firewall reviewed or checked by some professional as well. Because an improperly set firewall would'nt help your any cause.
*If you are going to use iptables, then i would suggest you to have DROP as your default policy for all of the chains & then further configuring it would be an good idea.

Also go through this below mentioned thread... it will clarify all your queries & confusions regarding tcp packet flags. (their's a nice discussion over there)
http://www.linuxquestions.org/questi...d.php?t=317389

You could find an old machine with nothing special and install a distro like Devil-Linux or Endian Firewall-Linux. Then route the internet through that machine. This is an ideal scenario for a network as it is obviously not very viable if you only have one machine.