Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 07-08-2003, 05:11 PM   #1
Registered: Jul 2003
Posts: 8

Rep: Reputation: 0
Choice of Firewall

Hi, I running on Redhat 8.0 and would like to install a firewall. I do run a webserver on the box. I'm not familiar with firewalls so I was hoping someone would give me a suggestion to which dist. of firewall I should install. Thanks

Old 07-08-2003, 05:14 PM   #2
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 66
Take a look at iptables. It comes with RH8.
man iptables
Old 08-07-2003, 06:53 AM   #3
Registered: Mar 2002
Location: Edinburgh, Scotland
Distribution: Suse 7.2, Gentoo 1.4, Solaris 9
Posts: 661

Rep: Reputation: 30
even better than that, take a look at a preconfigured iptables firewall.

I am using firegate. It does the job quite nicely.

The url used to be but I think sourceforge have changed stuff a bit. so maybe go and search for firegate.
Old 08-07-2003, 08:14 AM   #4
LQ Newbie
Registered: Aug 2003
Location: Southport, IN, USA
Distribution: Slackware 9.0
Posts: 26

Rep: Reputation: 15
I use FireHOL. It's great.
Old 08-07-2003, 10:17 AM   #5
Registered: Mar 2002
Location: Edinburgh, Scotland
Distribution: Suse 7.2, Gentoo 1.4, Solaris 9
Posts: 661

Rep: Reputation: 30
wow. looks cool.
Old 08-07-2003, 01:30 PM   #6
Senior Member
Registered: Feb 2001
Location: Montreal, Quebec, Canada
Distribution: RedHat, Fedora, CentOS, SUSE
Posts: 1,403

Rep: Reputation: 46
Two more...


Old 08-07-2003, 04:58 PM   #7
LQ Guru
Registered: Jan 2003
Location: Turkey&USA
Distribution: Emacs and linux is its device driver(Slackware,redhat)
Posts: 1,398

Rep: Reputation: 45
if you are new to firewalls here is a thing to keep in mind do not thingk like windows there is only one firewall in linux it is iptables(ipchains in the old kernels) other are just wrapper to help you configure them so they all use iptables
Old 08-08-2003, 01:45 AM   #8
Registered: Jun 2003
Location: Denver, CO
Distribution: Debian
Posts: 95

Rep: Reputation: 15
I use ipchains.

Writing a good ipchains scritp can be challenging. Many of the examples I've seen of people's ipchains scripts are kind of bare bones. There's alot to consider. A GREAT aid is this site:

You tell the web site what you want to do with your machine, and it writes an ipchains script for you. Works great. I got a script from the website, then was able to just modify it from then on, because the script the web site writes for you based on your desires is very instructive and interesting.

Last edited by jlangelier; 08-08-2003 at 01:52 AM.
Old 08-20-2003, 06:47 PM   #9
LQ Newbie
Registered: May 2003
Location: Wellington, New Zealand
Distribution: Debian sometimes, RedHat mostly ... playing with Mandrake on my laptop
Posts: 5

Rep: Reputation: 0
smoothwall or ipcop

try not to run anything on your firewall machine except the firewall software.
Old 08-21-2003, 04:04 AM   #10
Kent Emia
Registered: Aug 2003
Location: Philippines, Davao City
Distribution: redhat / fedora /
Posts: 65

Rep: Reputation: 15
yah... im planning to implement ipcop someday....
Old 08-21-2003, 05:04 AM   #11
Registered: Mar 2003
Location: Visby, Sweden
Distribution: Ubuntu 4.10
Posts: 64

Rep: Reputation: 15
// Edit: Sorry missed that you run the box as a server. In that case I do not recommend the script below. A server will need logging and other fun stuff. //

Since my machine is a simple desktop I use a bare-bones script that allows all outgoing and allows incoming answers but nothing else. It is not perfect (lacks logging, leaves unused outgoing ports open) but it's simple and works.

Save this in as firewall, chown root firewall, chmod 744 firewall, and make it start from your initscripts (in Arch this is a matter of copying the file to rc.d dir and adding the scriptname to the deamons array in rc.conf, RedHat will use a different location).
# /etc/rc.d/firewall: start/stop firewall

if [ "$1" = "start" ]; then
	/usr/sbin/iptables -F
	/usr/sbin/iptables -P OUTPUT ACCEPT
	/usr/sbin/iptables -P FORWARD DROP
	/usr/sbin/iptables -P INPUT DROP
	/usr/sbin/iptables -A INPUT -i eth0 -m state \
elif [ "$1" = "stop" ]; then
	killall -q /usr/sbin/iptables
	echo "usage: $0 start|stop"

#End of file

Last edited by Mork; 08-21-2003 at 05:07 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Installation choice? Joltgod Fedora 2 07-23-2005 12:58 AM
Is Maildir really the right choice? Red Squirrel Linux - Software 1 05-08-2005 12:06 AM
Filemanager of choice Ryujin Linux - Software 9 03-20-2005 08:26 AM
which choice? goldie Linux - Newbie 5 08-22-2004 07:28 PM
the choice of language.......... anoop_chandran Programming 4 11-28-2001 09:56 PM > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:07 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration