question about firewall ufw
Hi guys, I have some good questions for you. I'm a bit lost.
I need to install and configure the firewall (ufw) on my Linux server. The install was no problem: sudo ufw enable ... the easy part is done. First question: I need to add a simple rule to block protocol HTTP. Second question: create a complex rule to block protocol UDP from all incoming and all traffic on port 53, create a complex rule which allows protocol TCP coming from 10.1.2.254 255.255.255.0 to 192.168.7.25 on port 26, and after all that my server must accept all NFS, DNS, SSH, Apache, DHCP, and SquirrelMail ... Any idea?
Have you looked at any UFW documentation? However, if I was to do this, I would skip UFW and just use iptables. All Linux firewalls use the NetFilter functionality in the kernel anyhow, and iptables is the standard way of interfacing with that. I suspect more people here know about iptables than UFW, and your firewall ruleset will be portable to a distro that does not install UFW. Plus, there are a number of tutorials such as this one that can help you do most of what you specify.
However, some of the things you ask for are nonsensical. For example, you say you want to block all traffic on UDP port 53, but then say your server must accept DNS traffic, which runs on port 53. I suppose you could do this and only accept TCP DNS traffic, but this seems a bit pointless. Likewise, you block all HTTP traffic, but say you want to allow SquirrelMail traffic. SquirrelMail is a web-based e-mail client, so if you don't allow HTTP traffic, no one will be able to access it. It also looks like this machine will act as a router, which requires additional considerations and configuration, especially if NAT is to be done.
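The contradictions pointed out in the reply above can be checked mechanically before any rule is loaded. The following is an added example, not code from the thread: the rule format, the function names and the port table (default ports only, plain HTTP for Apache and SquirrelMail) are assumptions made for illustration.

```python
# Added example. Assumed default endpoints per service (simplified):
# NFS on 2049, DHCP server on 67/udp, Apache and SquirrelMail on HTTP 80/tcp.
SERVICE_PORTS = {
    "nfs": {("tcp", 2049), ("udp", 2049)},
    "dns": {("udp", 53), ("tcp", 53)},
    "ssh": {("tcp", 22)},
    "apache": {("tcp", 80)},
    "dhcp": {("udp", 67)},
    "squirrelmail": {("tcp", 80)},  # web mail client, reached over HTTP
}

# Deny rules are (protocol, port); None is a wildcard.
# Reading used in the reply: block HTTP, block UDP port 53.
DENY_AS_READ = [("tcp", 80), ("udp", 53)]
# Stricter reading of the question: block all UDP, and all traffic on port 53.
DENY_STRICT = [("tcp", 80), ("udp", None), (None, 53)]


def matches(deny, proto, port):
    """True if the deny rule covers this protocol/port pair."""
    d_proto, d_port = deny
    return d_proto in (None, proto) and d_port in (None, port)


def find_conflicts(deny_rules, required_services):
    """Map each required service to (status, blocked endpoints).

    status is 'ok' (nothing blocked), 'degraded' (some endpoints blocked)
    or 'blocked' (every endpoint the service needs is denied).
    """
    report = {}
    for svc in required_services:
        endpoints = SERVICE_PORTS[svc]
        blocked = {e for e in endpoints
                   if any(matches(d, *e) for d in deny_rules)}
        if not blocked:
            status = "ok"
        elif blocked == endpoints:
            status = "blocked"
        else:
            status = "degraded"
        report[svc] = (status, sorted(blocked))
    return report


if __name__ == "__main__":
    for name, rules in (("as read", DENY_AS_READ), ("strict", DENY_STRICT)):
        print(name)
        for svc, (status, hit) in find_conflicts(rules, SERVICE_PORTS).items():
            print(f"  {svc:13} {status:9} {hit}")
```

Under the first reading DNS is left with TCP only while Apache and SquirrelMail are unreachable; under the stricter reading DNS and DHCP are fully blocked as well.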
Aha. Is this perchance part of a homework assignment for a course? As a general rule, LQ does not allow posters to directly solve other people's homework assignments. You'll learn a lot more doing it yourself. That being said, if you run into trouble carrying out the assignment, you can post exactly what you've tried here and what is not working, and people will try to answer any specific questions that you might have.