December 23rd, 2011 |
admin |
This document is the second segment in a series on installing IPCop firewall. We will be creating a “DMZ” for hosting your own web server or mail server and the Copfilter proxy for filtering your application layer ingress and egress network traffic. This is intended to be a rough overview on creating an IPCop firewall [...]
December 22nd, 2011 |
admin |
The Perfect Linux Firewall Part I — IPCop Version 2.3 Author: Joseph Guarino Last edited 02/22/2006 This document describes how to install the GNU/Linux GPL IPCop firewall and create a small home office network. In the second installment we cover creating a DMZ for hosting your own web server or mail server and the Copfilter [...]
December 19th, 2011 |
admin |
Here I present an abbreviated explanation of the process of creating firewall and cluster objects. More detailed step-by-step guides are available in sections “Firewall Object” and “Cluster Object” of the Firewall Builder Users Guide. As usual, to create a firewall object I use main menu “Object/New object” which opens a menu of object types: Figure 4. Creating [...]
December 19th, 2011 |
admin |
Let's see how much effort it is going to take to convert this configuration to an entirely different firewall platform – PF on OpenBSD. There are different ways to do this. I could make a copy of each member firewall (linux-test-1 and linux-test-2), set platform and host OS in the copy to PF and OpenBSD and [...]
December 18th, 2011 |
admin |
Here is a small script that does this. Debian or Ubuntu GNU/Linux does not come with any SYS V init script (located in the /etc/init.d directory). You create a script as follows and use it to stop or flush the iptables rules. Please don’t type rules at the command prompt. Use the script to speed up work. [...]
December 17th, 2011 |
admin |
You can use the nmap tool for this job. It is flexible in specifying targets. A user can scan an entire network, a selected host, or a single server. Nmap is also useful to test your firewall rules. nmap is a network exploration tool and security / port scanner. According to the nmap man page: It is an open source tool [...]
December 16th, 2011 |
admin |
E: syslogd appears to be running, but not klogd which logs kernel firewall messages to syslog. You should ensure that klogd is running
R: nano -c /etc/init.d/syslog
Search for the lines below (near line 42):
passed klogd skipped
#daemon klogd $KLOGD_OPTIONS
Replace them with the lines below:
#passed klogd skipped
daemon klogd $KLOGD_OPTIONS
Now search [...]
December 14th, 2011 |
admin |
How do I block a port number with iptables under Linux operating systems? Port numbers are recognized by Internet and other network protocols, enabling the computer to interact with others. Each Linux server has a port number (see /etc/services file). For example: TCP port 80 – HTTP Server TCP port 443 – HTTPS Server TCP [...]
December 14th, 2011 |
admin |
http://www.fwbuilder.org Firewall Builder is a firewall configuration and management GUI that supports configuring a wide range of firewalls from a single application. Supported firewalls include Linux iptables, BSD pf, Cisco ASA/PIX, Cisco router access lists and many more. The complete list of supported platforms along with downloadable binary packages and source code can be found [...]
December 10th, 2011 |
admin |
The default firewall that comes along with Linux is “iptables” and you can use iptables to block FTP access/port on your server. Completely block FTP access on the server: # iptables -A INPUT -p tcp --dport 21 -j DROP Block FTP access for a specific IP address, say 11.12.13.14 # iptables -A INPUT -p tcp [...]