linux firewall + load balance ISP connections
location: linuxexchange.com - date: August 2, 2012
I'm trying to get a Linux Mint computer with 4 NICs to act as a load balance server. The idea is that we have three internet connections, and we want to use all of them so we can share usage of 50 computers across all the lines.
I've managed to get balancing happening on the server itself using ip route defaults etc., but I want an iptables solution (so unlike ip routes it won't be cached, since all of the people are Facebookers).
Where I seem to be stuck: I've got all the NICs set up with static address information (see below) and I've tested the connections. They are working. I don't know how to route the traffic on the internal network to go via the 'firewall' (though I've had some success), or how to get the firewall to accept the connections and route them via iptables. I did try setting up a DHCP server on the comp etc., but I bricked it and had to start again. Frustrating.
My solution was to set up a Linksys router to act as the DHCP server, with a static WAN address etc. I
Linux firewall with application-dependent blocking of outgoing connections???
location: linuxquestions.com - date: March 10, 2009
I have been running Linux off and on for special applications (program development, and network servers), since the kernel 0.8 days.
I am looking to finally upgrade my aging MS Windows laptop, and would like to go with Linux as a full-time desktop environment, but will not make the switch until I can find a credible Linux firewall.
Having been saved several times from attempts by malware to 'phone home' by an effective firewall, I will never again run a desktop environment which does not properly secure outgoing connections.
My very basic Win98 firewall (Tiny Personal Firewall) provides fairly sophisticated application-level controls on network access. First it validates an application based on file size and a secure MD5 hash, then it allows it to connect in or out via the network ONLY if I allow it, then ONLY on the ports I allow, then ONLY to endpoint addresses or domains I allow, then ONLY using protocols I allow. This sounds complex, but thanks to a friendly 'would you li
Linux Networking (Multihomed/Firewall/Load Balancing/etc...)
location: ubuntuforums.com - date: August 28, 2009
Hello everyone, I just wanted to ask who here is a Shorewall fan? I have a few questions... First of all, Shorewall is easy to configure on Linux and its derivatives, and it is easy to configure inbound and outbound routing and balancing. But there is a small snag with outgoing balancing. For example, in my case one Linux router is connected to 4 major ISPs for high-traffic outgoing connections; there are four of them because it is a load-balanced round-robin scheme. The problem is that for any one of the four providers' gateways it is not detected whether the route through that gateway is still alive, so it is still included in the network's routing table. In this case, since it is load-balanced round robin, of course some outgoing traffic will go to the dead gateway, and the result is no connection for whoever was browsing. Any ideas how to resolve this?
I tried taragana's concept, the one called gwping; it is effective, but it is not accurate at switching
Linux firewall with application-dependent blocking of outgoing connections??? Page 2
location: linuxquestions.com - date: March 15, 2009
As said above, as more attacks happen, better security tools will rise. With that said, Linux is way ahead of the game compared to other OSes. Fedora is driving the game a lot with security since Red Hat took over a lot of SELinux. SELinux combined with grsecurity for a hardened server is extremely secure. SELinux policy protects applications from doing things they are not supposed to. The policy states what program can access what, on what ports it can do so, and so on. Add grsecurity into the mix and then you take into account all the kernel protection features of grsecurity like non-exec pages, ASLR, chroot restrictions, /tmp race protection, network-based randomization, kernel-based randomization, etc. Then add in a firewall, anti-virus, rootkit detectors, and IDS, and you will be A LOT safer than you ever could be on Windows.
As for spyware/malware, 90% of it comes from users not knowing what to surf. As I said above, I have been surfing for over 10 years and have yet to get a viru
Load Balance or Aggregate(combine) Internet Connections
location: ubuntuforums.com - date: May 12, 2010
This is my first thread I have created here, I have been very good with Google.
My problem is that I would like to load balance or aggregate 2 separate Internet connections on my laptop. Currently a hard line ISP is not available, so I'm using a Sierra Wireless 885 USB air card. Thing is, the card is quite slow. I can also tether an iPhone to the laptop. The ideal solution would be to have both connections being utilized to help speed up the overall experience, even if it is only a modest gain in speed.
I have found articles that can help, but as I do not know much about iptables and basic TCP/IP routing, I'm finding it difficult to implement those solutions. If someone can point me in the right direction (a slightly dumbed-down how-to? or better explained?) or explain how to go about this, I would appreciate it.
BTW, both phone and aircard get dynamic IPs. Running Ubuntu 10.4
linux firewall, iptables forwarding problem
location: linux.com - date: April 2, 2011
I am new to Linux, but I need to set up a simple firewall for the local network.
I have Ubuntu kernel 2.6 installed, two NIC cards with one static IP address to the internet, and I am using bridge-utilities to bridge the two interfaces together. The bridge is up and fine.
Now I am really stuck at this point.
I set the default policy to DROP for FORWARD and enabled forwarding.
Then I added rules like these:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
The local computer cannot access the internet, but if I change the default FORWARD policy to ACCEPT,
the local computer can then access the internet.
I really don't understand why. Please help!
Linux Firewall/router routing problem
location: ubuntuforums.com - date: July 17, 2012
I have had a problem for a long time with Linux routing. Perhaps somebody can help me.
I don't get any help by searching with Google.
I have 2*Windows 7 PCs and 2*Gentoo Linux Firewall/Router.
The Gentoo routers both have a ppp0 interface to the internet.
I made an image with Visio to help understand the situation.
The main problem is making an RDP connection from Windows 7 PC 1 192.168.50.10 to Windows 7 PC 2 192.168.70.123.
The only way for this to work is when I use the command "route add 192.168.50.0 MASK 255.255.255.0 10.10.0.250" on Windows 7 PC 2, as you can see in the image.
The question is: why do I need to add that route to every PC in the 192.168.70.0/24 net so that RDP works, although I have a corresponding route at the Gentoo router 192.168.70.1?
Can someone help me?
What did I do wrong?
Webmin / Linux Firewall problem
location: ubuntuforums.com - date: September 22, 2012
First I used Firestarter to control my firewall, but I think I want to use the one in Webmin instead. After adding my first rule, though, I ran into a problem.
The "nat" table is not intended for filtering, the use of DROP is therefore inhibited.
Error occurred at line: 9
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
What does that mean? The first rule is to block all access to the Webmin port, 10000, except from one of my local network computers with IP 192.168.0.112.
Hope someone can help a Linux newbie
location: ubuntuforums.com - date: May 17, 2010
I read somewhere about somebody using a Linux machine as a dedicated internet firewall.
My neighbor wants to share my internet connection, but I don't want them to see my network.
Does anyone have some advice or experience with this? I'm thinking I'd just put two network cards in the box, and somehow have Linux isolate the two, and replace my existing internet firewall.
Webmin / Linux Firewall / IP Tables
location: ubuntuforums.com - date: October 21, 2012
I'm checking out this guide
Is that a good setup for a personal webserver with one site?
Any suggestions? I'm kind of new to all the Linux stuff, so help and advice is appreciated.