I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start. I have looked on the internet for sample scripts but they all seem to be related to people running NAT based firewalls. I simply need a script that will restrict access to certain ports and services, and block everything else. Can anyone point me in the direction of some sample scripts that I can look at to learn / adapt to my use?

Thanks
Whitey
On Friday 29 October 2004 16:02, Neil White wrote:
I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start.
I have looked on the internet for sample scripts but they all seem to be related to people running NAT based firewalls. I simply need a script that will restrict access to certain ports and services, and block everything else.
Can anyone point me in the direction of some sample scripts that I can look at to learn / adapt to my use ?
This is the gold standard for learning how to set up a Linux firewall:

http://iptables-tutorial.frozentux.net/

It's an excellent tutorial and includes some sample scripts for different configurations. This page has some other good links:

http://www.netfilter.org/documentation/index.html

Jeff
On Friday 29 October 2004 15:12, Jeffrey Laramie wrote:
On Friday 29 October 2004 16:02, Neil White wrote:
I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start.
I have looked on the internet for sample scripts but they all seem to be related to people running NAT based firewalls. I simply need a script that will restrict access to certain ports and services, and block everything else.
Can anyone point me in the direction of some sample scripts that I can look at to learn / adapt to my use ?
This is the gold standard for learning how to set up a Linux firewall:
http://iptables-tutorial.frozentux.net/
It's an excellent tutorial and includes some sample scripts for different configurations. This page has some other good links:
http://www.netfilter.org/documentation/index.html
Jeff
Hi,

SUSE has a good firewall built in: YaST > YaST2 Modules > Security and Users > Firewall

and SUSE has done a good job of documenting it and commenting the scripts. Togan's Unofficial FAQ also has info on the SUSE Firewall.

Let us know what you use and how it worked out

PeterB
--
Using SUSE since 5.2
Loving SUSE 9.1 Pro
My Blog: http://vancampen.org/blog
Thanks for all the replies. I will have a look into this tomorrow (Sat) and report back on what I do for the benefit of anyone else in my shoes.

Thanks
Whitey
On 21:02 Fri 29 Oct, Neil White wrote:
I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start.
I have looked on the internet for sample scripts but they all seem to be related to people running NAT based firewalls. I simply need a script that will restrict access to certain ports and services, and block everything else.
Can anyone point me in the direction of some sample scripts that I can look at to learn / adapt to my use ?
Thanks
Whitey
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Have you thought of using 'portsentry'? You can configure it pretty extensively by port number.

--
"Yogi"
CH
Namasté Yoga Studio
Neil White wrote:
I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start.
[snip]

If SuSE firewall2 doesn't suit, you might care to look at shorewall - see http://shorewall.sourceforge.net/

This comes as a package with Debian which I also use and seems excellent, though I'm only using it on a modest basis. It's got fair documentation and you won't have to write your own scripts unless you want to, just set up some config files. I've no idea how well it works with SuSE, though.

Unless you have pretty demanding needs, SuSE firewall2 will probably do very well. It certainly has quite a few configuration options and it all runs off just one config file which keeps things simple! :)

Fish
On Friday 29 October 2004 22:02, Neil White wrote:
I have been asked by my boss to firewall a server that we have down in a datacentre, but I am a bit lost as to where to start. [snip] Can anyone point me in the direction of some sample scripts that I can look at to learn / adapt to my use ?
Just read through /etc/sysconfig/SuSEfirewall2 and fill in what you need. It's really well commented and everything you need (which is very little) is explained nicely. Then use rcSuSEfirewall2 start/stop/restart to bring it up/down and insserv SuSEfirewall2 to make it permanent.

--
Kind regards
Hans du Plooy
Newington Consulting Services
hansdp at newingtoncs dot co dot za
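Filled in for the case in this thread, here is an added example (not part of Hans's message and not SUSE's shipped file) of the handful of /etc/sysconfig/SuSEfirewall2 settings that give "a few services reachable, everything else blocked" on a single host with no routing or NAT. The variable names are SuSEfirewall2's own; the interface name, the service list and the trusted subnet are assumptions to be replaced with the real ones.

```shell
# Added example: minimal /etc/sysconfig/SuSEfirewall2 for one datacentre host.
# The file is shell syntax, read by the SuSEfirewall2 script at start time.
# eth0, the service list and 192.0.2.0/24 are assumed values for illustration.

# The interface facing the world. Everything arriving on it is "external"
# and is denied unless a FW_SERVICES_EXT_* or FW_TRUSTED_NETS entry allows it.
FW_DEV_EXT="eth0"

# A single server has no internal or DMZ zone.
FW_DEV_INT=""
FW_DEV_DMZ=""

# Host firewall, not a router: no forwarding between interfaces, no masquerading.
# This is the setting that makes the NAT-oriented examples on the web irrelevant.
FW_ROUTE="no"
FW_MASQUERADE="no"

# Services reachable from the external zone. Names from /etc/services or
# port numbers, separated by spaces. Nothing is opened on UDP.
FW_SERVICES_EXT_TCP="ssh http https"
FW_SERVICES_EXT_UDP=""

# Networks allowed to reach every port, e.g. the office or management subnet.
# Entries are net[,protocol[,port]] separated by spaces; with no protocol or
# port given the whole host is open to that network.
FW_TRUSTED_NETS="192.0.2.0/24"

# Log dropped packets aimed at critical ports, but not every stray probe,
# so a scan does not fill /var/log/messages.
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
```

Apply it with rcSuSEfirewall2 restart as described above, then check with iptables -L -n -v from a console or a second session that only the listed ports are accepted on the external interface and the rest is logged and dropped. Do this with a way back in (serial console or a second, already-open SSH session), because a wrong FW_DEV_EXT or a missing "ssh" in FW_SERVICES_EXT_TCP locks out the session you are typing in.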
On Friday 29 October 2004 23:02, Neil White wrote: [..snip..]
I have looked on the internet for sample scripts but they all seem to be related to people running NAT based firewalls. I simply need a script that will restrict access to certain ports and services, and block everything else.
[..snip..]

A lot of answers for this question with helpful links and info, but none contained a useful, ready-to-use script. Therefore, I present to you.... My Script (tadaa...!)

<script>
#!/bin/sh
# Start from a clean slate: flush all rules and delete user-defined chains.
iptables -F
iptables -X
# Default policy: anything not explicitly accepted below is dropped.
iptables -P INPUT DROP
# Replies to connections this host initiated, plus related ICMP errors.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Public services over TCP: HTTP, HTTPS and SSH.
iptables -A INPUT -p tcp -m multiport --dports http,https,ssh -j ACCEPT
# Anything at all from the trusted subnet.
iptables -A INPUT -s 123.80.56.0/24 -j ACCEPT
# Loopback, matched on the interface rather than on a 127.0.0.1 source
# address, which a packet arriving on the wire could forge.
iptables -A INPUT -i lo -j ACCEPT
# Whatever is left is logged (unlimited, so a scan shows up in full)
# and then falls through to the DROP policy.
iptables -A INPUT -j LOG --log-prefix "IPTABLES_INPUT_LOG: "
</script>

The above script will:
a) allow access to any port from any machine originating from the, presumably, trusted subnet 123.80.56.0
b) allow communication to proceed if it was originated from same machine or if from localhost
c) allow TCP access to HTTP, HTTPS and SSH
d) deny everything else
e) log denied attempts to syslog with "IPTABLES_INPUT_LOG" prefix

Hope it helps,
-Stathis
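The same design as Stathis's script, written here as an added example (not from the thread) in the form a practitioner would put on a remote datacentre host: the rule set is generated as text and loaded in one go with iptables-restore, so there is never a moment with a DROP policy and no accept rules, and a rollback timer reloads the previous rules unless the change is confirmed, which is what saves you when a typo cuts off the SSH session that applied it. The interface name, the trusted subnet (an RFC 5737 documentation range) and the port list are assumptions; the choices that differ from the script above (loopback by interface, INVALID dropped, NEW-only match on the public ports, rate-limited logging) are design decisions of this example, not corrections of anything the thread states.

```shell
#!/bin/sh
# Added example: default-deny host firewall, loaded atomically, with a rollback timer.
# Assumed values for illustration; change them for the host in question.
EXT_IF="eth0"                   # interface facing the internet
TRUSTED_NET="192.0.2.0/24"      # management subnet (RFC 5737 documentation range)
PUBLIC_TCP_PORTS="22,80,443"    # ssh, http, https as numbers, so no /etc/services lookup
ROLLBACK_SECS=120               # how long the new rules get before they are undone
BACKUP="/var/run/fw-rollback.rules"
ROLLBACK_PID="/var/run/fw-rollback.pid"

# Emit the filter table in iptables-restore format. Pure text and no root
# needed, so it can be reviewed (or tested) before anything is applied.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback by interface; a 127.x source arriving on the wire is a forgery and is dropped
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -s 127.0.0.0/8 -j DROP
# replies to connections this host opened, plus related ICMP errors
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
# the public services, new connections only, on the external interface
-A INPUT -i $EXT_IF -p tcp -m multiport --dports $PUBLIC_TCP_PORTS -m state --state NEW -j ACCEPT
# everything from the trusted management subnet
-A INPUT -s $TRUSTED_NET -j ACCEPT
# log the rest at a bounded rate so a port scan cannot fill syslog, then fall to the DROP policy
-A INPUT -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "IPTABLES_INPUT_LOG: "
COMMIT
EOF
}

# Sanity check on the generated text: how many rules accept traffic. For the
# design above that is exactly four (loopback, established, public ports, trusted net).
accept_rule_count() {
    build_ruleset | grep -c -- '-j ACCEPT$'
}

# Apply atomically, keeping the running rules for rollback. A background timer
# reloads them after ROLLBACK_SECS unless confirm_ruleset is run first, so a
# mistake that locks out the SSH session applying this undoes itself.
apply_ruleset() {
    iptables-save > "$BACKUP" || return 1
    build_ruleset | iptables-restore || return 1
    ( sleep "$ROLLBACK_SECS" && iptables-restore < "$BACKUP" ) &
    echo $! > "$ROLLBACK_PID"
    echo "new rules loaded; run '$0 confirm' within ${ROLLBACK_SECS}s or they roll back"
}

# Cancel the pending rollback once a fresh SSH login to the host has succeeded.
# Killing the subshell leaves an orphaned sleep behind, which is harmless.
confirm_ruleset() {
    [ -f "$ROLLBACK_PID" ] || { echo "no rollback pending"; return 1; }
    kill "$(cat "$ROLLBACK_PID")" 2>/dev/null
    rm -f "$ROLLBACK_PID" "$BACKUP"
    echo "rules confirmed"
}

case "${1:-}" in
    build)   build_ruleset ;;
    apply)   apply_ruleset ;;
    confirm) confirm_ruleset ;;
    *)       ;;   # no argument: only define the functions (e.g. when sourced)
esac
```

Review the text with "sh firewall.sh build" first, apply with "sh firewall.sh apply" as root, then open a new SSH session from outside and run "sh firewall.sh confirm" in it; if that login never arrives, wait out the timer and the old rules come back. Make the result survive a reboot with the distribution's own mechanism (on SUSE that is SuSEfirewall2 or an init script that runs build | iptables-restore), not by re-running the line-by-line script at boot.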
participants (7)
- C Hamel
- Hans du Plooy
- Jeffrey Laramie
- Mark Crean
- Neil White
- Peter B Van Campen
- rouvas