Loading
Starting a Linux Firewall from Scratch
The first steps in getting started with iptables.
______________________
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- Dynamic DNS—an Object Lesson in Problem Solving
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Using Salt Stack and Vagrant for Drupal Development
- New Products
- RSS Feeds
- A Topic for Discussion - Open Source Feature-Richness?
- Validate an E-Mail Address with PHP, the Right Way
- Drupal Is a Framework: Why Everyone Needs to Understand This
- Readers' Choice Awards
- The Secret Password Is...
- All the articles you talked
1 hour 16 min ago - All the articles you talked
1 hour 19 min ago - All the articles you talked
1 hour 21 min ago - myip
5 hours 45 min ago - Keeping track of IP address
7 hours 36 min ago - Roll your own dynamic dns
12 hours 50 min ago - Please correct the URL for Salt Stack's web site
16 hours 1 min ago - Android is Linux -- why no better inter-operation
18 hours 17 min ago - Connecting Android device to desktop Linux via USB
18 hours 45 min ago - Find new cell phone and tablet pc
19 hours 43 min ago
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Comments
error
ther eis probably a mistake in the file:
/sbin/iptables -A FORWARD -m state --state \
I will try to get my head
I will try to get my head around this and code my own little thing soon i think. Johnston @ webwurzel.de
It would work but not well setup.
The method of setting up this firewall would probably work fine, but for a beginner's guide to setting up a firewall I think that this glossed over too many details and outright left some unanswered.
It looks like the author set up this firewall in this manner because he didn't have access to the router. Why else would you setup proxy arp instead of just routing the protected network to the firewall? He also refers to the untrusted segment of his network as public network, and then mentions that for some that would be the Internet. He used non-routable IP space behind his firewall but then didn't mention that if you also did this you would need to do NAT.
I like the article because it explained how to set up a Linux box to be a firewall with needing to install a GUI for it, but I think that it used a poor example for what a typical network layout would be.
Clarifications
Yes, I did forget to mention the connection to the outside world properly. It can be either through a server with a global address running a squid, or even some technique using NAT - Sorry that I missed these points.
I was majorly referring to a large campus-kind-of network where one would like to protect his/her smaller LAN.
Excellent Writeup on IPTables
Divakaran this is a very good write up on iptables,Good and very practical example for a small setup.
Is it possible to expand this article and to add transparent proxy server using squid , as in a small setup its very common to have a linux Router/Gateway with proxy server.
Thanks
Austin
Thanks. I should have added
Thanks.
I should have added those details here; I will try to come up with another one, as and when time permits.