LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-06-2014, 07:36 AM   #1
igadoter
Senior Member
 
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717
Blog Entries: 1

Rep: Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625
Firewall for Windows on Linux/BSD in virtual machine


Hi,

I want to create a firewall for windows vista in the way that i install virtualy Linux/BSD with 2 virtual network interfaces: one for connection with window's host interface and second to connect to all other user applications, web browsers etc. I want all network traffic should go through this virtual machine. Is it possible?

PS. I'm nor proffesional neither geek. My question may seems to be naive.
 
Old 06-06-2014, 02:03 PM   #2
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
Well, ehm, yes - I guess?
Your question is very unclear to me. This is how I understand it:
You have a virtual host, and want to install a firewall as a guest, to be used for a Windows Vista server.
This firewall will have at least 3 nic's, (not 2!) one WAN (external, to Internet - did you forget this or you don't want it?) one internal for DMZ (Web apps etc on Windows), one protected (to login with rdp to Windows).

If everything is virtualized this will work pretty easily.
If Windows is on a physical server I think it still can be done, but takes some more work.

Have I understood you correctly? If not, please return and be as specific as you can.
 
Old 06-06-2014, 04:01 PM   #3
jefro
Moderator
 
Registered: Mar 2008
Posts: 22,145

Rep: Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641Reputation: 3641
I don't have my hands on the exact page right now but there should be plenty of web pages on how to do that. There are some pre-made virtual machines (appliances) that one just loads up and runs. You change how your windows interacts. Basically you set the host to access web via the VM.
 
Old 06-06-2014, 08:38 PM   #4
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551
Quote:
Originally Posted by igadoter View Post
Hi,

I want to create a firewall for windows vista in the way that i install virtualy Linux/BSD with 2 virtual network interfaces: one for connection with window's host interface and second to connect to all other user applications, web browsers etc. I want all network traffic should go through this virtual machine. Is it possible?

PS. I'm nor proffesional neither geek. My question may seems to be naive.
do you have a Virtual hosted site, or is Win Vista the host OS and Linux/BSD going to be inside some kind of VM on MS Vista?
 
Old 06-07-2014, 06:16 AM   #5
igadoter
Senior Member
 
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717

Original Poster
Blog Entries: 1

Rep: Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625
Quote:
Originally Posted by pingu View Post
You have a virtual host, and want to install a firewall as a guest, to be used for a Windows Vista server.
Windows is running as a host for virtual machines. Yes, firewall should be created on the system running in a virtual machine. I've got virtualbox.
Quote:
Originally Posted by pingu View Post
This firewall will have at least 3 nic's, (not 2!) one WAN (external, to Internet - did you forget this or you don't want it?) one internal for DMZ (Web apps etc on Windows), one protected (to login with rdp to Windows).
Sounds complicated.


Quote:
Originally Posted by =pingu View Post
Windows is on a physical server
What do you mean by that? I've got one computer in home. Exactly on that computer i want to run such firewall. I know there are solutions 'download/install' but i'm not interested in this.

Sorry for all i'm being not precise.

Last edited by igadoter; 06-07-2014 at 06:17 AM.
 
Old 06-07-2014, 11:28 AM   #6
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551
Quote:
Originally Posted by igadoter View Post
Windows is running as a host for virtual machines. Yes, firewall should be created on the system running in a virtual machine. I've got virtualbox.
that will be backwards. the Host OS will see the internet as it really is. therefore you are saying, take the internet unfiltered through the HOST OS (WinVista might as well have a gate with no fence for a firewall) feed it into a secure virtual machine's firewall, pass it back to the host OS. sorry mate, but that is the wrong way around.

Install Linux or BSD as your host OS. If you must run Win Vista, then put that in any of the many Virtualizers out there like VMWare or VirtualBox. Then Win Vista will be protected via the firewall inside Linux or BSD.

Better yet spend a few $$ and pick up a SoHo Router with basic firewall capabilities and call it a day.
 
Old 06-07-2014, 12:24 PM   #7
igadoter
Senior Member
 
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717

Original Poster
Blog Entries: 1

Rep: Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625Reputation: 625
Quote:
Originally Posted by lleb View Post
that will be backwards. the Host OS will see the internet as it really is. therefore you are saying, take the internet unfiltered through the HOST OS (WinVista might as well have a gate with no fence for a firewall) feed it into a secure virtual machine's firewall, pass it back to the host OS. sorry mate, but that is the wrong way around.
The idea behind is that the applications should see only the virtual interface:

windows host interface ----> <----- virtual interfaces ----> <----- applications

The applications are common applications running under windows. Say the network traffic for web browsers should go through this firewall.

Last edited by igadoter; 06-07-2014 at 12:36 PM.
 
Old 06-08-2014, 10:17 AM   #8
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551
thats what im telling you igadoter, by having MS as the host OS, it sees 100% of the unfiltered internet traffic. you can set applications such as Chrome or Firefox to use a proxy, but that is still not truly filtered traffic as the host OS has already seen the potentially corrupted data.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu Linux & Windows 7 - Dual Boot or just use Windows in a Virtual Machine? spinnerette Linux - Newbie 29 06-29-2013 09:19 AM
I am not able to ping windows machine through my virtual redhat linux machine which vasant1984 Linux - Newbie 2 04-25-2012 11:46 AM
Interconnect a Virtual machine in linux to Real machine in windows xp lola1987 Linux - Networking 2 06-05-2011 04:31 PM
[SOLVED] How to access Linux commands from windows virtual Machine? hnpat Linux - General 2 03-03-2010 02:54 AM
Windows Virtual Machine on Linux and Video Games gizza23 Linux - General 8 07-13-2007 05:43 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration