Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have couple of machines having public IPs on it and running mail, database and IIS servers. I want to get them behind the linux firewall. how can i do that?
Distribution: Ubuntu, Debian, Various using VMWare
Posts: 2,088
Rep:
Your best bet is to use iptables (part of the kernel). There are many firewall config utilities, including Guarddog and Firestarter which will configure iptables for you.
The fact they have public IP addresses is irrelevant, as the firewall does not know the difference between public and private IP addresses.
Can you provide us with more info, and then we can help more specifically.
well, you could buy a linux router/firewall such as the Linksys WRT54G and then use its simple web interface to set things-up, for example... essentially you'd just need to set it to do port-forwarding (public IP on the router's external side, private IP on the router's internal side, private IPs on all your servers)... but depending on what functionality you expect when you say "firewall", you might be more interested in using a regular PC with multiple NICs as a linux firewall... in that case, your best bet is probably to get started with a specialized linux firewall distro, such as IPCop...
Read up on DMZ's, named after the place in Korea. Basically you setup two firewalls, one between the internet/WAN and your public server and another between your public server and intranet/LAN.
You can also make a dedicated firewall appliance using SmoothWall Express, IPCop, m0n0wall, etc. These are custom distros designed specifically for this purpose. All you need is a "boat anchor", or perhaps "doorstop", class old machine.
I am running SmoothWall Express on 166 MHz, 96 MiB RAM, 4GB drive. It provides DNS, DHCP, web caching (Squid), as well as intrusion detection, the normal port blocking firewall services, & the DMZ that you probably need.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.