Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Slackware This Forum is for the discussion of Slackware Linux.


  Search this Thread
Old 07-15-2003, 12:46 PM   #1
LQ Newbie
Registered: Jul 2003
Posts: 1

Rep: Reputation: 0
Transparent Firewall


I'm trying to setup a transparent firewall. I want my server to keep its original live IP address and to be behind the firewall (no masquerading). How can I accomplish this one?

Old 07-15-2003, 12:57 PM   #2
Senior Member
Registered: Feb 2001
Location: Montreal, Quebec, Canada
Distribution: RedHat, Fedora, CentOS, SUSE
Posts: 1,403

Rep: Reputation: 46
Use iptables.

Take a look at the MAN page of iptables for more informations.
Old 07-15-2003, 01:00 PM   #3
Registered: Oct 2002
Location: Lower Alabama
Distribution: Slackware, OpenBSD 3.9
Posts: 344

Rep: Reputation: 31
I couldn't tell you how to do it with linux, but it was fairly easy for me with OpenBSD. The link below provides instructions on setting up an completely invisibe firewall with OpenBSD.

Old 07-15-2003, 04:34 PM   #4
Registered: Jul 2003
Location: 'Flori-duh,' US
Distribution: Slackware 9, RH 9
Posts: 33

Rep: Reputation: 15
One of the things you'll want to do for a firewall is to stealth certain ports, correct?

Stealthing ports using IPTABLES is fairly simple. Just use:

iptables -i {external_interface} -p {protocol} --dport {port_number} -j DROP

{external_interface} should be set to whatever interface your server uses to connect to the internet (eg. ppp0). {protocol} can be set to tcp, upd or icmp, depending on what protocol you want to work with. {port_number} can be set to the port number you wish to stealth. For example, if you want to block internet access to an FTP server, you would put 21 as the port number.

So, as an example, I have my linux server set up to deny FTP connections from internet clients. My DSL connection is ppp0, so my iptables ruleset looks like:

iptables -i ppp0 -p tcp --dport 21 -j DROP

You can also chose to stealth EVERYTHING against a certain protocol. For instance, I don't want internet users to be able to ping my machine, so I just use:

iptables -i ppp0 -p icmp -j DROP

Good luck.

Last edited by Moltag; 07-15-2003 at 04:40 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
transparent TranceDude Linux - Software 7 08-12-2005 05:36 PM
Transparent (or semi-transparent) mounts systemparadox Linux - General 8 04-01-2005 08:51 AM
Transparent PNGs show up as transparent in Firefox - opaque in IE? vharishankar General 10 01-11-2005 07:54 AM
transparent firewall / proxy mule Linux - Security 5 08-19-2003 02:38 AM
Mandrake Single Network Firewall and transparent proxy Nucklez Linux - Networking 1 11-29-2001 10:50 PM

All times are GMT -5. The time now is 08:42 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration