Configuration of the “/etc/rc.d/init.d/firewall” script file for the Gateway Server
This is the configuration script file for our Gateway Server. This configuration allows unlimited traffic on the Loopback interface, ICMP, DNS Server and Client (53), SSH Server and Client (22), HTTP Server and Client (80), HTTPS Server and Client (443), POP Client (110), NNTP NEWS Client (119), SMTP Server and Client (25), IMAP Server (143), IRC Client (6667), ICQ Client (4000), FTP Client (20, 21), RealAudio / QuickTime Client, and OUTGOING TRACEROUTE requests by default.
Build a kernel with Firewall Masquerading and Forwarding support
Once again, the first thing you need to do is ensure that your kernel has been built with Network Firewall support enabled and Firewalling. In the 2.2.14 kernel version you need to ensure that you have answered Y to the following questions:
Networking options:
Networking Firewall with Masquerading and Forwarding support: Overview
Contrary to the example configurations in Chapter 7, configuring a Linux Server to masquerade and forward traffic generally from the inside private network that has unregistered IP addresses (i.e. 192.168.1.0/24) to the outside network (i.e. the Internet) requires a special setup of your kernel and of your firewall configuration script file.
Configuration of the “/etc/rc.d/init.d/firewall” script file for the Mail Server
This is the configuration script file for our Mail Server. This configuration allows unlimited traffic on the Loopback interface, ICMP, DNS Server and Client (53), SSH Server (22), SMTP Server and Client (25), IMAP server (143), and OUTGOING TRACEROUTE requests by default.
If you don’t want some of the services listed in the firewall rules files for the Mail Server that I have turned ON by default, comment them out with a “#” at the beginning of the line. If you want some other services that I commented out with a “#”, then remove the “#” at the beginning of their lines.
The firewall script files
The tool ipchains allows you to set up firewalls, IP masquerading, etc. Ipchains talks to the kernel and tells it what packets to filter. Therefore all your firewall setups are stored in the kernel, and thus will be lost on reboot. To avoid this, we recommend using the System V init scripts to make your rules permanent. To do this, create a firewall script file like the one shown below in your “/etc/rc.d/init.d/” directory for each server you have.