LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 07-15-2003, 11:46 AM   #1
veil
LQ Newbie
 
Registered: Jul 2003
Posts: 1

Rep: Reputation: 0
Transparent Firewall


Hello!

I'm trying to setup a transparent firewall. I want my server to keep its original live IP address and to be behind the firewall (no masquerading). How can I accomplish this one?

Thanx.
 
Old 07-15-2003, 11:57 AM   #2
Mathieu
Senior Member
 
Registered: Feb 2001
Location: Montreal, Quebec, Canada
Distribution: RedHat, Fedora, CentOS, SUSE
Posts: 1,403

Rep: Reputation: 46
Use iptables.

Take a look at the MAN page of iptables for more informations.
 
Old 07-15-2003, 12:00 PM   #3
green_dragon37
Member
 
Registered: Oct 2002
Location: Lower Alabama
Distribution: Slackware, OpenBSD 3.9
Posts: 344

Rep: Reputation: 31
I couldn't tell you how to do it with linux, but it was fairly easy for me with OpenBSD. The link below provides instructions on setting up an completely invisibe firewall with OpenBSD.

http://www.openlysecure.org/openbsd/..._firewall.html

Ian
 
Old 07-15-2003, 03:34 PM   #4
Moltag
Member
 
Registered: Jul 2003
Location: 'Flori-duh,' US
Distribution: Slackware 9, RH 9
Posts: 33

Rep: Reputation: 15
One of the things you'll want to do for a firewall is to stealth certain ports, correct?

Stealthing ports using IPTABLES is fairly simple. Just use:

iptables -i {external_interface} -p {protocol} --dport {port_number} -j DROP

{external_interface} should be set to whatever interface your server uses to connect to the internet (eg. ppp0). {protocol} can be set to tcp, upd or icmp, depending on what protocol you want to work with. {port_number} can be set to the port number you wish to stealth. For example, if you want to block internet access to an FTP server, you would put 21 as the port number.

So, as an example, I have my linux server set up to deny FTP connections from internet clients. My DSL connection is ppp0, so my iptables ruleset looks like:

iptables -i ppp0 -p tcp --dport 21 -j DROP

You can also chose to stealth EVERYTHING against a certain protocol. For instance, I don't want internet users to be able to ping my machine, so I just use:

iptables -i ppp0 -p icmp -j DROP

Good luck.

Last edited by Moltag; 07-15-2003 at 03:40 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
transparent TranceDude Linux - Software 7 08-12-2005 04:36 PM
Transparent (or semi-transparent) mounts systemparadox Linux - General 8 04-01-2005 07:51 AM
Transparent PNGs show up as transparent in Firefox - opaque in IE? vharishankar General 10 01-11-2005 06:54 AM
transparent firewall / proxy mule Linux - Security 5 08-19-2003 01:38 AM
Mandrake Single Network Firewall and transparent proxy Nucklez Linux - Networking 1 11-29-2001 09:50 PM


All times are GMT -5. The time now is 02:45 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration