Re: [expert] Firewall + routing
Have a look at Mandrake 8.2 -- later versions of IPtables etc.. Then have a look at Bastille http://www.bastille-linux.org . Just use Rpmdrake to install it,yes it's on your Mandrake Cds, and configure it using a command InteractiveBastille another excellent solution is have a look at FireStarter http://firestarter.sourceforge.net/ .. and yes that one is also on your Mandrake CDs. I have tested both of these and they look excellent. Both solutions can configure IPtables to do port forwarding. Cheers Mark On Tue, 2002-05-07 at 04:37, Belkie, Dan wrote: Hey Guys! I have a simple Mandrake 8.1 box as my router / firewall. I'm looking at putting a couple of web servers behind the firewall on my LAN. does anyone know of a good way to set up rules so that the FW can know to send port 80 request to xyz.com to one server and abc.com to another? I guess another question can anyone suggest a good firewall solution? I tried Mandrakes SNF 7.2 but it failed. thoughts? Thanks!! -- = Dan Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Firewall + routing
Hey Guys! I have a simple Mandrake 8.1 box as my router / firewall. I'm looking at putting a couple of web servers behind the firewall on my LAN. does anyone know of a good way to set up rules so that the FW can know to send port 80 request to xyz.com to one server and abc.com to another? I guess another question can anyone suggest a good firewall solution? I tried Mandrakes SNF 7.2 but it failed. thoughts? Thanks!! -- = Dan Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Firewall + routing
Belkie, Dan wrote: Hey Guys! I have a simple Mandrake 8.1 box as my router / firewall. I'm looking at putting a couple of web servers behind the firewall on my LAN. does anyone know of a good way to set up rules so that the FW can know to send port 80 request to xyz.com to one server and abc.com to another? I guess another question can anyone suggest a good firewall solution? I tried Mandrakes SNF 7.2 but it failed. Smoothwall : http://www.smoothwall.org/community/home/ I use the free, GPL version. See also ... IpCop : http://www.ipcop.org/cgi-bin/twiki/view/IPCop/WebHome I did use SNF for quite a while. I use smoothwall now with some minor tweaks so I could add portsentry to it ;-) -- Kevin O'Connor People will be free to devote themselves to activities that are fun ... The GNU Manifesto - Copyright (C) 1985, 1993 Free Software Foundation, Inc. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Firewall + routing
Belkie, Dan wrote: Hey Guys! I have a simple Mandrake 8.1 box as my router / firewall. I'm looking at putting a couple of web servers behind the firewall on my LAN. does anyone know of a good way to set up rules so that the FW can know to send port 80 request to xyz.com to one server and abc.com to another? I guess another question can anyone suggest a good firewall solution? I tried Mandrakes SNF 7.2 but it failed. thoughts? Thanks!! -- = Dan Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Actually you want to use squid to do that. The trick is simple. We call that accelerator mode since squid can cache some responses for both. Accelerator--applicationSquid/application can function as THE connection on port 80 of a server and can relay requests to another server or servers, caching the results to increase apparent speed. Those other servers might be on the same machine or on different ones. The method is called a custom redirect program and here is a simple example: GUILabelCustom redirect program/GUILabel This list of options was quiet until this one arrived. This setting allows applicationSquid/application to be an accelerator for Several or emphasisall/emphasis servers in the local network. An example would be two apache servers at, say hardware192.168.1.7/hardware and hardware192.168.1.17/hardware applicationSquid/application is on the internet gateway and exposing port 80 for Hardwarewww.domain1.net/Hardware and Hardwarewww.domain2.org/Hardware. The redirect program might look something like this. /Para /ListItem /OrderedList Screen num; #!/usr/bin/perl while (lt;gt;) lcub; shttp://192bsol;.168bsol;.1bsol;.7@http://www.domain1.net shttp://192bsol;.168bsol;.1bsol;.17@http://www.domain2.org print; I think you can backtranslate the sgml codings here. As you can see, the script is very simple. Civileme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
