Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-06-2014, 07:36 AM
|
#1
|
Senior Member
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717
|
Firewall for Windows on Linux/BSD in virtual machine
Hi,
I want to create a firewall for windows vista in the way that i install virtualy Linux/BSD with 2 virtual network interfaces: one for connection with window's host interface and second to connect to all other user applications, web browsers etc. I want all network traffic should go through this virtual machine. Is it possible?
PS. I'm nor proffesional neither geek. My question may seems to be naive.
|
|
|
06-06-2014, 02:03 PM
|
#2
|
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350
Rep:
|
Well, ehm, yes - I guess?
Your question is very unclear to me. This is how I understand it:
You have a virtual host, and want to install a firewall as a guest, to be used for a Windows Vista server.
This firewall will have at least 3 nic's, (not 2!) one WAN (external, to Internet - did you forget this or you don't want it?) one internal for DMZ (Web apps etc on Windows), one protected (to login with rdp to Windows).
If everything is virtualized this will work pretty easily.
If Windows is on a physical server I think it still can be done, but takes some more work.
Have I understood you correctly? If not, please return and be as specific as you can.
|
|
|
06-06-2014, 04:01 PM
|
#3
|
Moderator
Registered: Mar 2008
Posts: 22,145
|
I don't have my hands on the exact page right now but there should be plenty of web pages on how to do that. There are some pre-made virtual machines (appliances) that one just loads up and runs. You change how your windows interacts. Basically you set the host to access web via the VM.
|
|
|
06-06-2014, 08:38 PM
|
#4
|
Senior Member
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983
|
Quote:
Originally Posted by igadoter
Hi,
I want to create a firewall for windows vista in the way that i install virtualy Linux/BSD with 2 virtual network interfaces: one for connection with window's host interface and second to connect to all other user applications, web browsers etc. I want all network traffic should go through this virtual machine. Is it possible?
PS. I'm nor proffesional neither geek. My question may seems to be naive.
|
do you have a Virtual hosted site, or is Win Vista the host OS and Linux/BSD going to be inside some kind of VM on MS Vista?
|
|
|
06-07-2014, 06:16 AM
|
#5
|
Senior Member
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717
Original Poster
|
Quote:
Originally Posted by pingu
You have a virtual host, and want to install a firewall as a guest, to be used for a Windows Vista server.
|
Windows is running as a host for virtual machines. Yes, firewall should be created on the system running in a virtual machine. I've got virtualbox.
Quote:
Originally Posted by pingu
This firewall will have at least 3 nic's, (not 2!) one WAN (external, to Internet - did you forget this or you don't want it?) one internal for DMZ (Web apps etc on Windows), one protected (to login with rdp to Windows).
|
Sounds complicated.
Quote:
Originally Posted by =pingu
Windows is on a physical server
|
What do you mean by that? I've got one computer in home. Exactly on that computer i want to run such firewall. I know there are solutions 'download/install' but i'm not interested in this.
Sorry for all i'm being not precise.
Last edited by igadoter; 06-07-2014 at 06:17 AM.
|
|
|
06-07-2014, 11:28 AM
|
#6
|
Senior Member
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983
|
Quote:
Originally Posted by igadoter
Windows is running as a host for virtual machines. Yes, firewall should be created on the system running in a virtual machine. I've got virtualbox.
|
that will be backwards. the Host OS will see the internet as it really is. therefore you are saying, take the internet unfiltered through the HOST OS (WinVista might as well have a gate with no fence for a firewall) feed it into a secure virtual machine's firewall, pass it back to the host OS. sorry mate, but that is the wrong way around.
Install Linux or BSD as your host OS. If you must run Win Vista, then put that in any of the many Virtualizers out there like VMWare or VirtualBox. Then Win Vista will be protected via the firewall inside Linux or BSD.
Better yet spend a few $$ and pick up a SoHo Router with basic firewall capabilities and call it a day.
|
|
|
06-07-2014, 12:24 PM
|
#7
|
Senior Member
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 2,717
Original Poster
|
Quote:
Originally Posted by lleb
that will be backwards. the Host OS will see the internet as it really is. therefore you are saying, take the internet unfiltered through the HOST OS (WinVista might as well have a gate with no fence for a firewall) feed it into a secure virtual machine's firewall, pass it back to the host OS. sorry mate, but that is the wrong way around.
|
The idea behind is that the applications should see only the virtual interface:
windows host interface ----> <----- virtual interfaces ----> <----- applications
The applications are common applications running under windows. Say the network traffic for web browsers should go through this firewall.
Last edited by igadoter; 06-07-2014 at 12:36 PM.
|
|
|
06-08-2014, 10:17 AM
|
#8
|
Senior Member
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983
|
thats what im telling you igadoter, by having MS as the host OS, it sees 100% of the unfiltered internet traffic. you can set applications such as Chrome or Firefox to use a proxy, but that is still not truly filtered traffic as the host OS has already seen the potentially corrupted data.
|
|
|
All times are GMT -5. The time now is 03:47 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|