LinuxQuestions.org
Old 06-20-2009, 06:23 AM   #1
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 632

Rep: Reputation: 33
iptables: send all incoming traffic to virtual machine


I have a firewall (Endian) running in a VirtualBox VM.
How can I send all incoming traffic on my WAN-interface of my host-system (CentOS 5.2) to my Virtual Machine?

My Firewall-VM uses the physical interface.
I do not want access from the internet to my host system. All traffic needs to be filtered by my firewall (guest system).

Could I block everything on my host-system?

I choose not to have a dedicated firewall, but I am bugged with the security-aspects of my setup.
 
Old 06-20-2009, 11:24 PM   #2
bsdunix
Senior Member
 
Registered: May 2006
Distribution: Caldera, CTOS, Debian, FreeBSD, Mac OS X, Mandrake, Minix, OpenBSD, Slackware, SuSE
Posts: 1,757

Rep: Reputation: 80
I think you have it backwards. When you turn on your computer, which OS comes up first? The host or the guest? Ideally, whichever is the first, you want that as the firewall.
 
Old 06-22-2009, 06:25 AM   #3
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 632

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by bsdunix
I think you have it backwards. When you turn on your computer, which OS comes up first? The host or the guest? Ideally, whichever is the first, you want that as the firewall.
It is clear that the host-system is up first.

So how then do I reject all traffic on my host (CentOS 5.3)?
 
Old 06-23-2009, 03:22 PM   #4
bsdunix
Senior Member
 
Registered: May 2006
Distribution: Caldera, CTOS, Debian, FreeBSD, Mac OS X, Mandrake, Minix, OpenBSD, Slackware, SuSE
Posts: 1,757

Rep: Reputation: 80
This explains how to set up the firewall in CentOS:

http://wiki.centos.org/HowTos/Network/IPTables

The documentation includes this basic example. This will block any external incoming connections unless they were initiated by your computer.

Code:
#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
 iptables -F
#
# Set default policies for INPUT, FORWARD and OUTPUT chains
#
 iptables -P INPUT DROP
 iptables -P FORWARD DROP
 iptables -P OUTPUT ACCEPT
#
# Set access for localhost
#
 iptables -A INPUT -i lo -j ACCEPT
#
# Accept packets belonging to established and related connections
#
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
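
Added example (not part of bsdunix's post or the CentOS wiki script): a check that reads `iptables-save` output and confirms the host still has the posture that script sets up, reporting any INPUT rule that would accept new connections to the host. The function name and both sample rulesets are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the thread. Reads `iptables-save` output on stdin and
# returns 0 only if the filter table matches the posture of the script above:
# INPUT and FORWARD default to DROP, and every INPUT ACCEPT rule is either
# loopback-only or limited to ESTABLISHED/RELATED connection states.
audit_host_ruleset() {
    local line table="" states rc=0 input_policy="" forward_policy=""
    while IFS= read -r line; do
        case "$line" in "*"*) table=${line#\*}; continue ;; esac   # "*filter", "*mangle", ...
        [ "$table" = "filter" ] || continue                        # other tables are not audited
        case "$line" in
            ":INPUT "*)   input_policy=${line#:INPUT };     input_policy=${input_policy%% *} ;;
            ":FORWARD "*) forward_policy=${line#:FORWARD }; forward_policy=${forward_policy%% *} ;;
            "-A INPUT "*"-j ACCEPT"*)
                case "$line" in
                    *" -i lo "*)    continue ;;                     # loopback only
                    *"--state "*)   states=${line#*--state } ;;     # -m state
                    *"--ctstate "*) states=${line#*--ctstate } ;;   # -m conntrack
                    *)              states="" ;;                    # no state match at all
                esac
                states=${states%% *}
                case "$states" in
                    ""|*NEW*|*INVALID*|*UNTRACKED*) echo "EXPOSED: $line"; rc=1 ;;
                esac ;;
        esac
    done
    [ "$input_policy" = "DROP" ]   || { echo "INPUT policy is ${input_policy:-unset}, want DROP"; rc=1; }
    [ "$forward_policy" = "DROP" ] || { echo "FORWARD policy is ${forward_policy:-unset}, want DROP"; rc=1; }
    return "$rc"
}

# Constructed sample resembling iptables-save output for the ruleset posted above.
SAMPLE_HEAD='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
SAMPLE_LOCKED="$SAMPLE_HEAD
COMMIT"
# Constructed sample: the same ruleset plus a rule that opens SSH on the host.
SAMPLE_SSH="$SAMPLE_HEAD
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT"

printf '%s\n' "$SAMPLE_LOCKED" | audit_host_ruleset && echo "locked sample: OK"
printf '%s\n' "$SAMPLE_SSH" | audit_host_ruleset || echo "ssh sample: host reachable"
```

On the host, run it as root with `iptables-save | audit_host_ruleset`.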
 
  

