LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-21-2005, 09:05 AM   #1
abcampa
LQ Newbie
 
Registered: Apr 2005
Distribution: Mandriva 10.1
Posts: 18

Rep: Reputation: 0
Firewall with features of a Sidewinder firewall?


Hi fellas and gals,

I am new to this foram, and to linux. I have read some of the threads and am glad to see this forum is here.

I have a question of a setup I am going to be doing in the near future.

I want to use a box with Mandriva 10.1 linux on my home network as the firewall and service delivery point for my network. behind this firewall I want to have my wifi AP and other wired systems.

Now for the question, I want the a firewall app loaded on my linux system that is similar to the Sidewinder firewall(if any are familiar with this) Sidewinder firewalls have rules allowing access source IPs/subnets to dest IPs/subnets based on ports(ie, telnet, 80, 25, 22, etc). Thus it is very granular.

Another feature is the logging. I want logging of all allwoed access and denied access in an audit log file, that will keep for a certain amount of days and then delete itself. Preferrably I want to be able set the log level to log more or less detailed items.

I have heard about IPFW as a firewall solution. I have read quite a bit about IPtables from here on this forum.

Which would by my best solution for what I want?

btw, i also want to use this system for other minor things like seeding torrents using bittorrent and other stuff, but thats a side item.


Thanks for all your help.
 
Old 04-22-2005, 02:16 AM   #2
musicman_ace
Senior Member
 
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Rep: Reputation: 46
IPtables is always the best since it forces you to learn and understand how packets come into the system, navigate through the custom rules you specify and then get dropped/logged/accepted.
 
Old 04-22-2005, 07:41 AM   #3
abcampa
LQ Newbie
 
Registered: Apr 2005
Distribution: Mandriva 10.1
Posts: 18

Original Poster
Rep: Reputation: 0
anyone try shorewall?

I guess its integrated or something with iptables....
 
Old 04-22-2005, 04:33 PM   #4
hilikus19
LQ Newbie
 
Registered: Feb 2004
Location: woodland california
Distribution: Slackware 10, Fedora Core 3, Debian 3.0rc4
Posts: 18

Rep: Reputation: 0
im new to the linux security scene also, but from what i understand:
Shorewall, like any other "firewall" is just a GUI that allows you to easily work with iptable scripts. the shorewall program itself dosent actually inspect the packets, it just assigns rules to iptables that you set in the pretty GUI. btw, firestarter is a great user friendly firewall. i strongly encourage you to look at some documentation on how to secure a mandrake system (*giggles*) , just installing a firewall and setting a few iptable scripts does NOT make your system as secure as it needs to be.
 
Old 04-22-2005, 05:24 PM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379Reputation: 379Reputation: 379Reputation: 379
just to clear things up a little:

the linux firewall code is called Netfilter...

the tool to configure Netfilter is called iptables...

programs such as Firestarter, Shorewall, etc. are simply front-ends to iptables... and BTW, front-ends don't necessarily have to be GUIs (they can be text-based)...

so to setup your linux firewall you can choose one of the several iptables front-ends that are floating around out there, or you can use iptables directly...

here's a decent iptables tutorial:

http://iptables-tutorial.frozentux.n...-tutorial.html


you can find links to lots of example scripts and other stuff here:

http://www.linuxguruz.com/iptables/


just my two cents...


PS: IPFW isn't a linux thing... it's a FreeBSD thing... ;-)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
BSD Firewall vs Linux Firewall ? rootlinux Linux - Security 5 08-29-2007 08:38 AM
Firewall lets ips which are not in the firewall ... why ? sys7em Linux - Networking 2 06-30-2005 01:50 PM
slackware's /etc/rc.d/rc.firewall equivalent ||| firewall script startup win32sux Debian 1 03-06-2004 10:15 PM
IPTABLES firewall Vs rc firewall netguy2000 Linux - Security 7 02-28-2004 05:31 AM
Firewall Builder sample firewall policy file ? (.xml) nuwanguy Linux - Networking 0 09-13-2003 01:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration