Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Just have a couple of quick questions on IPTables/Masq. I'm new to a Linux firewall, so I'm trying to get started.
First off, you need to: echo 1 > /proc/sys/net/ipv4/ip_forward
Make sure iptables is running in runlevels 2, 3 and 5.
One question I do have is setting up the ethernet interfaces. I'm connected via cable modem and receive an IP via a DHCP server.
Would it be easiest to just specify the settings on both of my NICs during installation? (BTW, using RH 7.3)
At this time, I'm still learning how to make rules for IPTables and IPMasq.
Basically, I have been working with *BSD firewalls for a couple of months now. I have used PF and IPF.
I wanted to learn Linux firewalls so this is where I am at now.
In a nutshell, I'm trying to find out the basic requirements to get IPTables set up and running on boot. For example, in OpenBSD, you needed to turn on a couple of services to enable PF and NAT. I was trying to find the equivalents for Linux, specifically RH.
So, basically, I was trying to find out what services I need to turn on that. That is why I was asking about;
At least I know I am on the right track. It's a little different coming from a *BSD type firewall setup to Linux. They both do the same thing, but it's a matter of getting the syntax correct.
Here is a real quick question. I am on a cable modem and I receive an IP via a DHCP server from my ISP. Would it be best to configure both NICs, eth0 and eth1, during initial install? Set eth0 as my external and set it to receive my IP via DHCP and then configure eth1 as my internal LAN gateway address?
When you use the word "gateway", you need to remember which machine it applies to.
For the firewall itself, it can be either the ISP assigned gateway/router address in their network,
or the ip number your external interface has been assigned, or the external interface name, eth0
For dhcp, you will usually get an ISP assigned number...
For machines behind the firewall, the local firewall lan (eth1) ip number is their gateway setting...
For the rules, the only thing you don't know for certain is the dhcp assigned stuff.
It is possible to configure the firewall rules without this info using interface names & -j MASQUERADE rules, so that the rules can be turned on before the interface comes up, and left on, even if the dhcp lease is renewed.
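The approach in the last reply (rules written against interface names with -j MASQUERADE, so nothing depends on the DHCP-assigned address), as an added example that is not part of the original thread. It assumes eth0 is the external DHCP interface and eth1 the LAN, as in the question; the default-drop filter policy, the DHCP reply rule and the helper names valid_if and gen_rules are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): NAT ruleset keyed on interface names only.
# Assumed layout, taken from the question: eth0 = cable modem (DHCP), eth1 = LAN.

# Reject anything that is not a plain interface name before it reaches a rule.
valid_if() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print an iptables-restore ruleset for the given external/internal interfaces.
# No IP address appears anywhere, so a renewed DHCP lease changes nothing.
gen_rules() {
    ext=$1 int=$2
    valid_if "$ext" && valid_if "$int" || return 2
    [ "$ext" != "$int" ] || return 2
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $ext -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $int -j ACCEPT
-A INPUT -i $ext -p udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $int -o $ext -j ACCEPT
-A FORWARD -i $ext -o $int -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# "apply" needs root; without it the script only defines the functions.
# Rules are loaded first, forwarding is switched on only once they are in place.
if [ "${1:-}" = "apply" ]; then
    gen_rules "${2:-eth0}" "${3:-eth1}" | iptables-restore || exit 1
    echo 1 > /proc/sys/net/ipv4/ip_forward
fi
```

On Red Hat the iptables init script loads /etc/sysconfig/iptables at boot, so the output of gen_rules can be saved there once it has been checked.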