FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 02-23-2012, 09:31 PM
Wuxi Ixuw
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

Hello
in one of the emails I sent earlier ; mark (m.roth@5-cent.us) mentioned:

> install linux on a computer with two ethernet cards. connect eth0 to
> your internet connection, and eth1 to your local network. configure
> iptables firewall rules in the linux system. or install pfsense on that
> same computer.

Please if any one can help with more details and example for the
configuration that would be awesome.

Thanks
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-23-2012, 09:36 PM
Tim Evans
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

On 02/23/2012 05:31 PM, Wuxi Ixuw wrote:
> Hello
> in one of the emails I sent earlier ; mark (m.roth@5-cent.us) mentioned:
>
>> install linux on a computer with two ethernet cards. connect eth0 to
>> your internet connection, and eth1 to your local network. configure
>> iptables firewall rules in the linux system. or install pfsense on that
>> same computer.
>
> Please if any one can help with more details and example for the
> configuration that would be awesome.
>

http://www.frozentux.net/documents/iptables-tutorial/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-23-2012, 09:54 PM
Ljubomir Ljubojevic
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

On 02/23/2012 11:31 PM, Wuxi Ixuw wrote:
> Hello
> in one of the emails I sent earlier ; mark (m.roth@5-cent.us) mentioned:
>
>> install linux on a computer with two ethernet cards. connect eth0 to
>> your internet connection, and eth1 to your local network. configure
>> iptables firewall rules in the linux system. or install pfsense on that
>> same computer.
>
> Please if any one can help with more details and example for the
> configuration that would be awesome.
>
> Thanks
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>

I would use Shorewall instead of regular firewall. And there is Webmin
module for Shorewall. If you protect Webmin properly (like only
localhost access) it can help you greatly with simple configuration.

Shorewall even supports "tc", bandwidth shaping.

--

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-23-2012, 10:02 PM
Miguel Medalha
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

Why does it have to be CentOS? If you want a wonderful router/firewall
that you can have up and running in a few minutes, you should look at this:

www.pfsense.org

I quote from their website:

"pfSense is a free, open source customized distribution of FreeBSD
<http://www.freebsd.org> tailored for use as a firewall and router. In
addition to being a powerful, flexible firewalling and routing platform,
it includes a long list of related features and a package system
allowing further expandability without adding bloat and potential
security vulnerabilities to the base distribution."


If you insist in using Linux instead, you could look at this:

www.ipcop.org

Once again, a distro specialized on the function it performs.

Why have a generic and bloated system that you then have to customize
from scratch when such wonderful specialized projects already exist?

I use Linux servers and a pfsense firewall to protect the network. Works
like a charm, with amazing stability and reliability.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-23-2012, 10:19 PM
Wuxi Ixuw
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

I think your words makes more sense and counting.
For a newbie one like me ... which option you would advise me to go for?
I do not have any special preferences but I do care for the one that is
more stable and provide really more security.
Thanks

On 24/02/2012 01:02 AM, Miguel Medalha wrote:
>
> Why does it have to be CentOS? If you want a wonderful router/firewall
> that you can have up and running in a few minutes, you should look at
> this:
>
> www.pfsense.org
>
> I quote from their website:
>
> "pfSense is a free, open source customized distribution of FreeBSD
> <http://www.freebsd.org> tailored for use as a firewall and router. In
> addition to being a powerful, flexible firewalling and routing
> platform, it includes a long list of related features and a package
> system allowing further expandability without adding bloat and
> potential security vulnerabilities to the base distribution."
>
>
> If you insist in using Linux instead, you could look at this:
>
> www.ipcop.org
>
> Once again, a distro specialized on the function it performs.
>
> Why have a generic and bloated system that you then have to customize
> from scratch when such wonderful specialized projects already exist?
>
> I use Linux servers and a pfsense firewall to protect the network.
> Works like a charm, with amazing stability and reliability.
>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-23-2012, 11:37 PM
Miguel Medalha
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

> For a newbie one like me ... which option you would advise me to go for?
> I do not have any special preferences but I do care for the one that
> is more stable and provide really more security.

It seems to me that the last line of my previous post already contained
my answer to your question :-)

"I use Linux servers and a pfsense firewall to protect the network.
Works like a charm, with amazing stability and reliability."

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-24-2012, 07:13 PM
Miguel Medalha
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

> pfsense for a newbie?

Yup! Based on the simple requirements that the OP expressed, i.e. "a
firewall for the whole network in my place", I would again recommend
pfsense. It may seem paradoxical but it's not. It just *works* after a
very simple and quick installation. The user only has to answer a couple
of simple questions. A WAN interface and a LAN interface are ready and
working together and that's it.

It can be installed on anything, from a Compact Flash card to a USB
sticker, it doesn't even need a hard disk.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-24-2012, 07:19 PM
Miguel Medalha
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

> pfsense for a newbie?
>
> A CentOS-like firewall would be ClearOS (formerly Clarkconnect) and again would reduce the number of simultaneously-learned layers to wade through. While it works very well, it is yet another layer and difference to learn, and when learning is is really good to not overload the number of layers to learn at once. IMHO, YMMV, etc.
>
> Since I have done cisco IOS stuff for a decade and a half, now, I'd recommend Vyatta over pfsense, but, there again, it is yet another, different, layer to learn that *will* overwhelm a newbie.

Isn't Vyatta a comercial product? I suppose that it wouldn't fit a
newbie either...

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-25-2012, 12:17 AM
Ljubomir Ljubojevic
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

On 02/24/2012 09:13 PM, Miguel Medalha wrote:
>
>> pfsense for a newbie?
>
> Yup! Based on the simple requirements that the OP expressed, i.e. "a
> firewall for the whole network in my place", I would again recommend
> pfsense. It may seem paradoxical but it's not. It just *works* after a
> very simple and quick installation. The user only has to answer a couple
> of simple questions. A WAN interface and a LAN interface are ready and
> working together and that's it.
>
> It can be installed on anything, from a Compact Flash card to a USB
> sticker, it doesn't even need a hard disk.
>

I used ClarkConnect for several years, it was my first hands-on contact
with Linux, and I have learned much from it.
Installation is also quick and painless, it is based on CentOS so extra
packages/repositories from CentOS are possible, and can be used as
Proxy/Mail/Web server also.

--

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-26-2012, 02:32 PM
Ryan Wagoner
 
Default How to setup a computer using CentOS6 as a firewall for the whole network in my place?

On Fri, Feb 24, 2012 at 3:19 PM, Miguel Medalha <miguelmedalha@sapo.pt>wrote:

> > pfsense for a newbie?
> >
> > A CentOS-like firewall would be ClearOS (formerly Clarkconnect) and
> again would reduce the number of simultaneously-learned layers to wade
> through. While it works very well, it is yet another layer and difference
> to learn, and when learning is is really good to not overload the number of
> layers to learn at once. IMHO, YMMV, etc.
> >
> > Since I have done cisco IOS stuff for a decade and a half, now, I'd
> recommend Vyatta over pfsense, but, there again, it is yet another,
> different, layer to learn that *will* overwhelm a newbie.
>
> Isn't Vyatta a comercial product? I suppose that it wouldn't fit a
> newbie either...
>
>
Vyatta has an open source version as well. The feature list is huge and
they provide nice PDF documents with configuration examples. I am using
Vyatta at five locations.

http://vyatta.org/

Ryan
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:38 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org