LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-10-2006, 08:49 AM   #1
flashstar
LQ Newbie
 
Registered: Jun 2006
Posts: 27

Rep: Reputation: 15
Help with Guarddog


Hi, I am trying to setup a linux firewall between the internet and the computers on my network. My buffalo router does come with a built in firewall, but it seems to be lacking so I was wondering what I have to do to get Guarddog to work on Mepis. I already installed another NIC on my computer so that is done, but I just don't know exactly how to set it up. What should I do?

BTW: My router is now configured to act as a dhcp server and a firewall.

Thanks

Last edited by flashstar; 08-10-2006 at 08:52 AM.
 
Old 08-10-2006, 06:30 PM   #2
flashstar
LQ Newbie
 
Registered: Jun 2006
Posts: 27

Original Poster
Rep: Reputation: 15
Does anyone have a suggestion? I would like the server to just act as a firewall, but if I need it to be a dhcp server, I can probsbly do that.
 
Old 08-10-2006, 09:31 PM   #3
mike160
Member
 
Registered: Jan 2006
Location: Connecticut
Distribution: Ubuntu 10.10, Lubuntu 10.10, #!Crunchbang 10 "Statler"
Posts: 84

Rep: Reputation: 15
I'm assuming your setting up a seperate machine to act as a firewall between your router and network, you might be better off using a version of linux designed to act as just a firewall...

check out www.smoothwall.org

hope this helps

I have used guard dog, but only on local machines.

Mike
 
Old 08-10-2006, 10:26 PM   #4
flashstar
LQ Newbie
 
Registered: Jun 2006
Posts: 27

Original Poster
Rep: Reputation: 15
Thanks for the recommendation, but I need to be able to run a CSS server and a music server on this machine as well.
 
Old 08-11-2006, 12:27 PM   #5
techwatcher
Member
 
Registered: Aug 2006
Distribution: MEPIS
Posts: 73

Rep: Reputation: 15
When I ran the live CD of MEPIS Linux some weeks ago, it 'installed' Guarddog by default, even though it couldn't get the network set up. Maybe you only need to burn an ISO of the new version?

So how will this PC-as-firewall thing work? You connect that one PC to the Web, then connect all your other PCs to that PC (twisted wire Ethernet?)? I'm still quite ignorant about networks, and just divide all my computing between online PC (only Web stuff, e-mail) and offline PC (any actual writing or other data production/manipulation).
 
Old 08-11-2006, 02:38 PM   #6
Super7
Member
 
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Rep: Reputation: 15
computer to computer you need to use a crossover cable. You will be making an internal network so for your internal network you can leave your selected ports open, example DHCP, music, etc.. Then on the connection going to the internet (different IP address range) you block all the ports you dont want open. Then for your DHCP server your going to have to change your gateway to your extenal address.

Edit: your cable depends on your situation. You use a cross over cable from like devices to like devices, router to router, switch to switch, computer to computer..

Last edited by Super7; 08-11-2006 at 02:39 PM.
 
Old 08-11-2006, 06:19 PM   #7
flashstar
LQ Newbie
 
Registered: Jun 2006
Posts: 27

Original Poster
Rep: Reputation: 15
I would like to put my linux box between the cable modem and my wireless router if this is possible. This requires a standard cable right? Anyway, so what you said Super7 is all I need to do? How do I configure each NIC independently? My internal netowrk which is configured by my wireless router has the ip range 192.168.2.x with the router being 192.168.2.1 and the external network by my cable provider has a dhcp address. What do I need to set each card to (eth0 is the external network and eth1 is the internal network) and what should the linux box's address be? Also, how would I go about setting the IP address of my linux box which will be the firewall?

EDIT: Do I need to set the gateway on my wireless router?

Thanks a bunch

Last edited by flashstar; 08-11-2006 at 06:21 PM.
 
Old 08-11-2006, 09:18 PM   #8
mike160
Member
 
Registered: Jan 2006
Location: Connecticut
Distribution: Ubuntu 10.10, Lubuntu 10.10, #!Crunchbang 10 "Statler"
Posts: 84

Rep: Reputation: 15
Quote:
Originally Posted by techwatcher
When I ran the live CD of MEPIS Linux some weeks ago, it 'installed' Guarddog by default, even though it couldn't get the network set up. Maybe you only need to burn an ISO of the new version?

So how will this PC-as-firewall thing work? You connect that one PC to the Web, then connect all your other PCs to that PC (twisted wire Ethernet?)? I'm still quite ignorant about networks, and just divide all my computing between online PC (only Web stuff, e-mail) and offline PC (any actual writing or other data production/manipulation).
You might be able to get that to work,... but the easier way is to put the firewall PC between the Cable/DSL modem and a seperate router, That way the firewall becomes "transparent" to all your local machines connected to your router & internet.

I don't know if its possible to have ONE PC be both an independant firewall for your network AND a game server. The whole idea behind a good firewall is that it's NOT visible to anyone on "the outside".

but I could be wrong....
 
Old 08-11-2006, 09:48 PM   #9
mike160
Member
 
Registered: Jan 2006
Location: Connecticut
Distribution: Ubuntu 10.10, Lubuntu 10.10, #!Crunchbang 10 "Statler"
Posts: 84

Rep: Reputation: 15
Quote:
Originally Posted by flashstar
I would like to put my linux box between the cable modem and my wireless router if this is possible. This requires a standard cable right? Anyway, so what you said Super7 is all I need to do? How do I configure each NIC independently? My internal netowrk which is configured by my wireless router has the ip range 192.168.2.x with the router being 192.168.2.1 and the external network by my cable provider has a dhcp address. What do I need to set each card to (eth0 is the external network and eth1 is the internal network) and what should the linux box's address be? Also, how would I go about setting the IP address of my linux box which will be the firewall?

EDIT: Do I need to set the gateway on my wireless router?

Thanks a bunch
In theory this is a very cool idea, but the way I can see it physically connected you would need 3 nics
2 for the in and out of the firewall and a seperate nic for the CSS server.

That way the Nic assigned to the server would get an ip address from the router and the 2 Nics for the firewall would be configured to just pass through allowed packets...

wait, maybe...no that won't work....I have no idea.. my head hurts...
 
Old 08-12-2006, 12:24 AM   #10
Super7
Member
 
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Rep: Reputation: 15
yes you only need 2 nics, the earleir post about transparent firewall also is ideal, transparent firewalls can be a little harder to control. you dont need 3 nics to complete the task from the ip addresses that you listed it sounds like you have a linksys wireless router and that itself is a Nat/firewall. you can put all that want behind it. If you had a switch I would keep wireless seperate from the rest of your network as wep keys are easy to crack with airsnort(etc..) and put the rest of your services on the rest. firewalls can support many contexts so its like layering your security. if you could tell us what hardware you have and how it is laid out it would help alot to tell us what you really desire, or how we can help you change what you have.

Last edited by Super7; 08-12-2006 at 12:25 AM.
 
Old 08-12-2006, 02:06 AM   #11
flashstar
LQ Newbie
 
Registered: Jun 2006
Posts: 27

Original Poster
Rep: Reputation: 15
I hope I don't need 3 nics because they won't fit into this small computer case I have. I can have 2 though. Anyway, here is a layout of my network as of now. We are using WDS so that's why we have so many wireless routers. Only the first one does dhcp though. I think that if this is not possible, I might just buy a hardware firewall and use the linux server for a CSS server and music server only. If it's possible to configure though, I don't mind setting the linux box up to be a firewall.

http://www.godsofallmedia.com/images...ut General.bmp

Thanks again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Guarddog N|k0N Slackware 5 09-15-2004 06:51 PM
help with GuardDog! debug019 Linux - Newbie 0 09-07-2004 10:28 AM
guarddog and 2.6.0 ? shanenin Linux - Security 2 01-01-2004 01:30 PM
Guarddog help leeach Mandriva 3 10-02-2003 05:02 PM
Guarddog Help! wonderpun Linux - General 4 08-21-2002 03:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration