Networking and Firewall Information Please.

duhasst0 · 06-08-2004, 04:21 AM

Alright I am running a box with a 600mhz PIII about 135 gigs of harddrive space 384megs of ram an eepro card and a linksys card running Mandrake 9.1. So far I have the system set up and ready for the network to be born. I get the machine to run dhcp for the other computers that are supposed to be on the network it gives them IPs but doesn't want to send the internet to the other boxes. I have used the utilities that come with Mandrake to try and fix this problem but so far no luck. Also I am needing to put virus filtering on here along with a firewall that can be trusted. Also file sharing so that the other computers can access some of the media on the server. Mainly its gonna be windows machines accessing the media. Any help would be very appreciated and if you need any more information on other hardware or software let me know and ill see what i can do.

Thanks
John

b0uncer · 06-08-2004, 04:52 AM

accessing the net through an ethernet requires NAT I think...or "masquerade" as it's often called. so check your kernel so that it contains iptables and everything in it you need...after this, grab an app called iptables for your distro so that you can use this kernel-feature, and you're ready to build up a firewall and a NAT that lets your boxes access the net through the server. you'll find a lot of FAQ:s and examples in the homepages of iptables...

also, if you want your windows machines to be able to use some medias on the server, install samba into the server and use it to share...NFS works for linux-linux-filesharing, I think, but I'm not sure if samba handles this too...but for windows' samba does the thing.

iptables are quite easy to use, after you just read a bit about them and get the grip of it

after this, just create a nice script that configures your firewall/NAT and after running it, along with samba services, you should be able to use net and access files on server with your machines. check these sites:

iptables.org
samba.org

duhasst0 · 06-08-2004, 05:56 PM

Alright cool that covers the ip problem and i just need to configure samba and iptables. But one of the bigger problems that i would like to solve is the virus filtering and if its possible to filter spyware popups. also any how to's links that could help would be great as well.

bulliver · 06-08-2004, 07:07 PM

Your dhcp server, does it give out real IP addresses or private network IP addresses ie 192.168.x.x?

If you have real IP addresses you don't need NAT or IP Masquerade.

Anyhoo...the IP Masquerade howto has what you need for that....
http://www.tldp.org/HOWTO/IP-Masquer...WTO/index.html

But if you use IP Masq you don't need a dhcp server....because the Masqed boxes use a permanent private network IP.

andrewdodsworth · 06-09-2004, 02:19 AM

Quote:

Originally posted by duhasst0
Alright cool that covers the ip problem and i just need to configure samba and iptables. But one of the bigger problems that i would like to solve is the virus filtering and if its possible to filter spyware popups. also any how to's links that could help would be great as well.

One option would be to run Squid (http proxy server) on your linux box. There's Squidguard that goes along with it which provides configurable proxy filtering etc. Because all internet access is through Squid you don't need masquerading - local users point browsers at Squid - Squid is only thing having access to outside world. Only limits are protocols supported by Squid but big pluses are caching and control over who accesses what.

Big catch 22 whatever you use is that although linux itself is pretty immune to the viruses etc out there - if you still have windows desktops then you still need to protect them - the virus files will sit quite happily on the linux box doing nothing until the windows client downloads them! Therefore probably still need anti-virus software on windows clients.

duhasst0 · 07-02-2004, 12:10 AM

Alright i got some stuff installed i got iptables installed samba installed i have a firewall script that is great but i am having some problems still. some how iptables is messing around wih my chains and even when i try and block things coming into my computer so that i can put holes into it from what i need to come in. any more help to point me in the right direction would be great. here is the error message when i run the firewall script.

#sh firewall start
#touch: cannot touch `/etc/firewall/.sync': No such file or directory
#touch: cannot touch `/etc/firewall/.load': No such file or directory
#egrep: /etc/firewall/all.allow: No such file or directory
#ls: /etc/firewall/tcp.*: No such file or directory
#ls: /etc/firewall/udp.*: No such file or directory

I also have no idea how to setup samba but have a good idea where to look but i still have no idea about the best way to go around making my chains at all, or getting the firewall to start.

studpenguin · 07-02-2004, 02:10 AM

Here's a suggestion

ESSENTIAL PACKET FILTERING INFORMATION:

http://www.linuxquestions.org/questi...hreadid=199776