Loading
Starting a Linux Firewall from Scratch
The first steps in getting started with iptables.
______________________
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Private PaaS for the Agile Enterprise
If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.
Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.
Sponsored by ActiveState
- Containers—Not Virtual Machines—Are the Future Cloud
- Non-Linux FOSS: libnotify, OS X Style
- Linux Systems Administrator
- Validate an E-Mail Address with PHP, the Right Way
- Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer
- Senior Perl Developer
- Technical Support Rep
- UX Designer
- Introduction to MapReduce with Hadoop on Linux
- RSS Feeds
- One advantage with VMs
46 min 21 sec ago - about info
1 hour 19 min ago - info
1 hour 20 min ago - info
1 hour 21 min ago - info
1 hour 23 min ago - info
1 hour 24 min ago - abut info
1 hour 26 min ago - info
1 hour 27 min ago - info
1 hour 28 min ago - info
1 hour 29 min ago
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Comments
error
ther eis probably a mistake in the file:
/sbin/iptables -A FORWARD -m state --state \
I will try to get my head
I will try to get my head around this and code my own little thing soon i think. Johnston @ webwurzel.de
It would work but not well setup.
The method of setting up this firewall would probably work fine, but for a beginner's guide to setting up a firewall I think that this glossed over too many details and outright left some unanswered.
It looks like the author set up this firewall in this manner because he didn't have access to the router. Why else would you setup proxy arp instead of just routing the protected network to the firewall? He also refers to the untrusted segment of his network as public network, and then mentions that for some that would be the Internet. He used non-routable IP space behind his firewall but then didn't mention that if you also did this you would need to do NAT.
I like the article because it explained how to set up a Linux box to be a firewall with needing to install a GUI for it, but I think that it used a poor example for what a typical network layout would be.
Clarifications
Yes, I did forget to mention the connection to the outside world properly. It can be either through a server with a global address running a squid, or even some technique using NAT - Sorry that I missed these points.
I was majorly referring to a large campus-kind-of network where one would like to protect his/her smaller LAN.
Excellent Writeup on IPTables
Divakaran this is a very good write up on iptables,Good and very practical example for a small setup.
Is it possible to expand this article and to add transparent proxy server using squid , as in a small setup its very common to have a linux Router/Gateway with proxy server.
Thanks
Austin
Thanks. I should have added
Thanks.
I should have added those details here; I will try to come up with another one, as and when time permits.