Setting Up Arno’s Firewall 2

April 30, 2008 Linux Security | admin @ 7:13 pm

Download the installation file arno-iptables-firewall-1.8.2a-stable.tgz from this link: http://rocky.molphys.leidenuniv.nl/page/iptables/download.htm

Download and Installing

Next, log in as root and create a directory named "arno":

[root@test root]#cd ..
[root@test /]#
[root@test /]#mkdir arno
[root@test /]#

Extract the downloaded file into the /arno/ directory. First change to the /arno directory, where the downloaded file must be stored:

[root@test /]#cd arno

Then extract the archive with the command below:

[root@test arno]#tar -zxvf arno-iptables-firewall-1.8.2a-stable.tgz

You will now have 10 files in this directory. Next, delete the arno-iptables-firewall-1.8.2a-stable.tgz file:

[root@test arno]#rm arno-iptables-firewall-1.8.2a-stable.tgz

The two files you need for setting up are rc.iptables and the configuration file iptables-firewall.conf.

Change the owner of all files to root with the command below:

[root@test root]#chown -R root /arno

Change the permissions on these two files with the commands below:

[root@test root]#chmod 700 /arno/rc.iptables
[root@test root]#chmod 600 /arno/iptables-firewall.conf

Edit the file iptables-firewall.conf with the command below:

[root@test root]#vi /arno/iptables-firewall.conf

Change the variables below to match your system:

EXT_IF="eth0" # Network card that connects to the outside of your network or to the internet (external interface, Ethernet)

#EXT_IF="ppp+" # If you connect to the internet with a modem, uncomment this line (external interface, modem)

#EXT_IF_DHCP_IP=1 # If you connect to your ISP with a modem and need to use DHCP, uncomment this line (external interface, modem with DHCP)

INT_IF="eth1" # Network card inside your network (LAN) for the clients of your LAN (internal interface, Ethernet)

INTERNAL_NET="192.168.1.0/24" # Internal network

NAT=1 # Use NAT so that clients in your internal network reach the internet via EXT_IF (external interface)

OPEN_TCP="80 25 22" # Open TCP ports 80 (web), 25 (mail) and 22 (ssh); you can open other ports if you need them

Save the file and exit vi.

Next, edit the file rc.iptables so that CONFIG_FILE points to the location of the configuration file:

[root@test root]#vi /arno/rc.iptables
CONFIG_FILE=/arno/iptables-firewall.conf

When you have finished, save the file.
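Before starting the firewall, it is worth confirming that the ownership, permission and CONFIG_FILE steps above took effect, because rc.iptables runs as root and reads iptables-firewall.conf. The shell function below is an added example, not part of Arno's Firewall or the original post; the name check_arno_install is hypothetical, and it assumes GNU stat and the /arno layout used in this tutorial.

```shell
#!/bin/sh
# Added example: audit the install laid out in this tutorial.
# check_arno_install DIR [OWNER] prints one line per problem and returns
# non-zero if any were found. DIR defaults to /arno, OWNER to root.
check_arno_install() {
    dir=${1:-/arno}
    owner=${2:-root}
    problems=0

    # Expected modes come from the chmod steps in the tutorial.
    for spec in "rc.iptables:700" "iptables-firewall.conf:600"; do
        file=$dir/${spec%%:*}
        want=${spec##*:}
        if [ ! -f "$file" ]; then
            echo "MISSING  $file"
            problems=$((problems + 1))
            continue
        fi
        # GNU stat: %a = octal mode, %U = owner name.
        set -- $(stat -c '%a %U' "$file")
        if [ "$1" != "$want" ]; then
            echo "MODE     $file is $1, expected $want"
            problems=$((problems + 1))
        fi
        if [ "$2" != "$owner" ]; then
            echo "OWNER    $file is owned by $2, expected $owner"
            problems=$((problems + 1))
        fi
    done

    # rc.iptables must point at a configuration file that actually exists.
    if [ -f "$dir/rc.iptables" ]; then
        conf=$(sed -n 's/^CONFIG_FILE=//p' "$dir/rc.iptables" | head -n 1 | tr -d "\"'")
        if [ -z "$conf" ] || [ ! -f "$conf" ]; then
            echo "CONFIG   CONFIG_FILE='$conf' does not exist"
            problems=$((problems + 1))
        fi
    fi

    [ "$problems" -eq 0 ]
}
```

Call it as check_arno_install /arno after sourcing the function; no output and a zero exit status mean the files match the steps above.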

Start the firewall with the command: /arno/rc.iptables start

You can monitor the firewall's log events by piping the log file into the fwfilter program with the command below:

# tail -f /var/log/messages | /arno/fwfilter

These are the commands for use with the Arno's Firewall service:

start = Start firewall (AND reset iptables counters)
stop = Stop firewall (set default policies to accept)
restart = Restart firewall (DOES NOT reset iptables counters)
breread = Reread blocked hosts (blackhole) file
status [-t {table}] [chain] = View firewall ruleset ([chain] & [-t {table}] are optional)

This completes the installation of Arno's Firewall.
