Firewall se linux

Γιώργος Ευθήμερος efthimeros at hotmail.com
Wed Dec 22 20:59:15 EET 1999 

Hi guys kai xronia polla!

Eixa grapsei kai paliotera sth lista gia enan firewall pou prospa8w na
sthsw, kai oi linuxarioi pou mou apanthsan me boh8hsan na proxwrhsw ton
firewall mexri enos shmeiou.

Epeidh akoma den ta exw kataferei, zhtaw 3ana th boh8eia sas. To problhma
mou einai to e3hs:

Kat' arxas, xrhsimopoiw RH 6.1. Exw ena mhxanhma me 2 ethernet devices kalws
setarismena (eth0 h internet meria tou firewall kai eth1 h eswterikh) me
pragmatikes (statikes) IP pou apoteloun uposunolo enos Class C network pou
exoume sth sxolh.

Exw kompilarei ton purhna me ola ta aparaithta kaloudia, kai exw kanei
enable to IP_FORWARDING. Exw to ipchains me policy ACCEPT se ola ta chains
(input, output, forward), kai exw thn e3hs sundesmologia:

                                 /------------------\
Win98 PC ----//---> | eth1             eth0 | -----------> Router tou
tmhmatos
                                 \------------------/
                     twisted           Linux F/W
                      pair

(Sorry gia to ASCII art, elpizw na fainetai ka8ara h sundesh twn PC)

To Win98 PC sundeetai mesw enos twisted pair sthn eth1, enw h eth0 einai
sundedemenh me thn priza ston toixo. Me to linuxconf exw epishs orisei ena
"route to host" sto Win98 PC, kai me ping blepomaste kanonika. Apo to linux
box exw Internet (gateway kai DNS kalws orismena) kai telos apo to Win98 PC
blepw me ping kai tis duo eth* tou Firewall (me ipchains mporw na periorisw
sto Win98 PC thn prosbash sthn eth0).

To problhma einai to e3hs: Den mporw na kanw ping sto inernet apo to Win98
PC. Blepw mono mexri to firewall. Antistoixa kai apo mhxanhma sto Internet,
blepw mono mexri to firewall kai oxi to Win98 PC. (8umh8eite oti to
ip_forward einai energopoihmeno!!!)

H erwthsh mou loipon, pros opoion 3erei kati, einai h e3hs: Ti prepei na
kanw gia na mporesw na "dw mesa" apo ton firewall pros tis duo kateu8unseis?
Den ftanei mono to ip_forwarding na einai enabled? Xreiazomai bridging? Kati
allo?

katalabainw oti auto pou rwtaw isws fainetai trivial h xazo stous gurus (!)
ths listas, alla pistepste me, exw diabasei ka8e Fucking Manual kai How-to
(kai oxi mono) kai den exw brei akrh (Ma kaneis den paizei me firewalls se
linux me duo eth?? me skopo thn prostasia sugkekrimenwn IP pou den xwrane na
ginoun ena subnet??????)

Sorry gia to mege8os, h8ela na eimai oso to dunaton safesteros.
Euxaristw ek tvn prwterwn, kai pali Kales Giortes.


Giorgos Efthimeros.


--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr/lgu.html
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users at hellug.gr
====================================================================

More information about the Linux-greek-users mailing list