
Configuring Linux as a Firewall

* Making installation choices
* Introducing iptables
* Using iptables commands
* Simplifying things with firewall GUIs
* Adding proxy functionality

As Linux gains increasing acceptance in corporate datacenters and
other places, more and more people are discovering something that
Linux enthusiasts have known for a long time: Linux has built-in
firewall features that allow an administrator to build a firewall.
Recent versions of Linux generally ship with at least basic firewall
capabilities, and several Linux versions include even more advanced
features. Because Linux is open source software, and because it has
only minimal hardware requirements, you can build a Linux-based
firewall relatively inexpensively. Be forewarned, though -- doing so
does require some knowledge of Linux and how it fits into the
networking scheme of things.

Making Installation Choices

To use the firewall built into Linux, you should make sure that the
operating system you install includes iptables functionality. Iptables
is the most popular Linux firewall, and this chapter covers it in
detail. Fortunately, most Linux distributions do this by default, so
you probably don't have to worry about this.

Before you install Linux, make sure that all your network cards and
any modem that you may use are installed in your computer. Generally,
it's much easier to have all your hardware in place before installing
your Linux software than it is to install Linux first and then try to
get Linux to recognize all the hardware stuff after the fact.

Red Hat Linux, in its ongoing effort to be top dog in the Linux field,
goes one step further along the customer satisfaction road by giving
you a choice of configuring the firewall during installation. One of
the screens that you see during the installation procedure is shown in
Figure 1. The choices you see on this screen are good starting points,
whether you are just setting up a personal computer, or whether you
are planning to configure a corporate firewall. Of course, when you
are indeed configuring a dedicated firewall, you will have to perform
some additional configuration after the installation is complete.

If you are using another distribution, just skip this section and go
on to the section on iptables. The process of configuring the firewall
after installation is virtually identical in all Linux distributions.
Let's look at each of the available choices:

* Off: This option does just what its name implies: It configures
Linux to allow all network traffic to enter or leave the computer.
Obviously, this is not an appropriate setting for a firewall unless
you want to do all your configuring at some later point. (No, deciding
just to skip this whole firewall business is not an option. Need to
reread Chapter 1?)

* Medium: This is an appropriate choice if you want to use Linux as a
personal firewall or if you are installing a server that performs
limited functions, such as a Web server. When you select this option,
Linux configures iptables to allow certain types of traffic into your
computer. You can specify which types of traffic are allowed; for
example, you can disable HTTP traffic or allow SMTP traffic. One of
the limitations of the Red Hat setup program is that it can only
perform very simple firewall configuration tasks for you. Keep in mind
that you can add or remove rules later, but if you already know which
traffic you want to allow and which traffic you want to block, you can
easily configure this during setup.

* High: When you select this option, you enable and configure the
iptables firewall to block all traffic. This is the configuration that
you should choose when you install a dedicated firewall. Best
practices dictate that you configure your firewall to drop all network
traffic unless you specifically allow it. Choosing this option gives
you this starting configuration; you get to do all the other
configuration steps after the operating system installation is

Read the complete article at
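
The three postures described in the post (Off, Medium, High), written out as iptables-restore rulesets. This is an added example, not part of the original post and not the ruleset the Red Hat installer generates. The function name emit_ruleset, the mapping of each level to rules, and the loopback and established-connection exceptions under the default-drop levels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for one of the three
# postures the post describes. Level-to-rule mapping is an assumption.
#
# emit_ruleset LEVEL [PORT...]
#   LEVEL  off | medium | high
#   PORT   inbound TCP ports to allow (used by "medium" only)
# Check syntax without applying:  emit_ruleset medium 80 25 | iptables-restore --test
emit_ruleset() {
    level=$1; shift
    case $level in
        off)         policy=ACCEPT ;;   # everything allowed in and out
        medium|high) policy=DROP ;;     # drop unless specifically allowed
        *) echo "unknown level: $level" >&2; return 2 ;;
    esac
    # Validate every port before emitting anything, so a typo can never
    # produce a half-written ruleset.
    for p in "$@"; do
        case $p in ''|*[!0-9]*) echo "bad port: $p" >&2; return 2 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 2; }
    done
    echo "*filter"
    echo ":INPUT $policy [0:0]"
    echo ":FORWARD $policy [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    if [ "$policy" = DROP ]; then
        # Assumed exceptions: local loopback and replies to connections
        # this host opened itself.
        echo "-A INPUT -i lo -j ACCEPT"
        echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        if [ "$level" = medium ]; then
            # Medium: open only the services named on the command line.
            for p in "$@"; do
                echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
            done
        fi
    fi
    echo "COMMIT"
}

# Constructed sample: a host that accepts HTTP (80) and SMTP (25) only.
emit_ruleset medium 80 25
```

Ports passed with the high level are ignored on purpose: that level starts with no inbound services open, and rules are added afterwards.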
Todd Benson
On Sat, Mar 1, 2008 at 9:39 AM, <(E-Mail Removed)> wrote:

> Red Hat Linux, in its ongoing effort to be top dog in

...unsolicited advertising?
