LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-23-2010, 05:52 AM   #1
kubed_lovee
LQ Newbie
 
Registered: Jun 2007
Location: cairo , Egypt
Distribution: Fedora
Posts: 25

Rep: Reputation: 0
Unhappy Firewall and web servers


Hi Guys

I`m going to build a firewall solution for my network so i have looked sand found 2 distros that can work for that SmoothWall and IPcop , i didn't get some much luck with IPcop so i will go with SmoothWall. the thing is that i have many web servers behind that wall so how can i access those web server when i will have only one ip to access my network which will be my firewall ip and the port forwarding ability , which will forward all traffic that will come to me on lets say port 80 to only one machine behind the firewall , i have thought about that , and thought i could use a central web server and redirect . or maybe some proxy ( i really don't know much about that ) , but i think there must be some other more convenient solution . so please help guys ....
 
Old 10-23-2010, 09:20 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,970

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Hi,

This is a typical situation of a reverse proxy.
You setup the server accessible from outside as a reverse proxy and through this you can access the backend servers. Apache, squid or nginx can all be configured as reverse proxy servers, so you can use the one you're more familiar with.

Regards
 
1 members found this post helpful.
Old 10-25-2010, 02:19 PM   #3
kubed_lovee
LQ Newbie
 
Registered: Jun 2007
Location: cairo , Egypt
Distribution: Fedora
Posts: 25

Original Poster
Rep: Reputation: 0
thanks for your help

i will check that , but exactly which one do you suggest . that will do a better job .

Thanks,
 
Old 10-25-2010, 02:37 PM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by bathory
Apache, squid or nginx can all be configured as reverse proxy servers
Right - and in this context it is AKA an "application-layer firewall".

As for which you should choose, just my own comments: Squid is more robust and featured as a reverse proxy. However, with Apache web server you can leverage mod_security, which may give it a real advantage here. (I have always intended to tinker with nginx, but haven't gotten around to it yet. My limited understanding is that nginx provides consistent performance in super high volume environments.)
 
Old 10-25-2010, 05:42 PM   #5
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,970

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
I second anomie's opinion about nginx.
It's very good for sites that are going to have a big load. In fact LQ also uses nginx. The only drawback in my opinion is its configuration that's a bit cryptic.
Apache can do well in more normal circumstances. I've used apache as reverse proxy in many situations (in front of 4-5 tomcat servers, or for some proprietary webmail/portal applications) and never had problems. Besides since I use apache a long time I'm most familiar with its configuration.
Regarding squid, I cannot tell how it does as a reverse proxy because never used it as such, but I guess it does good. After all it's specifically designed as a proxy server.

Regards
 
  


Reply

Tags
firewall


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
2 mail servers behind firewall fedoraman Linux - Networking 3 07-22-2010 02:47 PM
Several servers behind a firewall fw12 Linux - Networking 6 01-12-2010 08:01 AM
two web servers behind firewall, one functioning and one in construction frankie_DJ Linux - Networking 1 08-07-2009 01:46 AM
Pinging servers thru firewall Danteleo Linux - Networking 1 10-28-2006 05:25 PM
adding more web servers to make web server farm linuxboy69 Linux - Networking 5 07-09-2004 10:50 AM


All times are GMT -5. The time now is 07:03 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration