Firewall

Discussion in 'Server Operation' started by ColdDoT, Apr 2, 2006.

  1. ColdDoT

    ColdDoT Member

    Hello

    I've got 2 questions.
    First: do you really need a firewall on a server?

    Second, if the first is yes:
    is there a script (/etc/init.d/firewall) that uses iptables where I can simply say on 2 lines

    TCP_ALLOW="21 22 80" etc.
    and
    UDP_ALLOW="7777 666" etc.

    Maybe these are some strange questions, but I don't know much about firewalls on Linux.

    greets kevin
     
  2. sbovisjb1

    sbovisjb1 Member HowtoForge Supporter

    For your first question, you do need a firewall for a server.
    Second, if the first is yes:

    is there a script (/etc/init.d/firewall) that uses iptables where I can simply say on 2 lines

    TCP_ALLOW="21 22 80" etc.
    and
    UDP_ALLOW="7777 666" etc.

    For the above, I think that you are trying to allow ports 21, 22 and 80 to be open and UDP 7777 and 666 to be open. If that is the case you need to declare them individually. If you wanted ports 21 to 80 open you could use this: 21:80.
     
  3. ColdDoT

    ColdDoT Member

    OK, the problem is I don't know anything about firewalls or how they should work in Linux.

    When I was at a friend of mine's, he had a cool script (/etc/init.d/firewall) that had 2 rules where you can set which ports must be allowed.

    The rules look like
    TCP_ALLOW=(you can enter all the ports here)
    and 1 for UDP.

    So I thought, is there also such a script for Debian?

    (I don't know if I'm being clear enough.)
     
  4. falko

    falko Super Moderator Howtoforge Staff

    The Bastille firewall ( http://www.bastille-linux.org/source.htm ) has such a script where you can specify the ports that should be open. Download the source tarball, extract it and have a look at the firewall scripts.

    ISPConfig also uses the Bastille firewall, so you could also extract the ISPConfig sources and have a look at the folder install_ispconfig/security.
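
As an added example (not any poster's code and not the Bastille or ISPConfig script), the two-variable allow-list asked about in this thread can be turned into iptables rules as follows. The function names `valid_port` and `build_rules` are hypothetical, and the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: allow-list firewall in the TCP_ALLOW / UDP_ALLOW style from the thread.
# Port values are the ones quoted in the thread; a range is written lo:hi (e.g. 21:80).
TCP_ALLOW="21 22 80"
UDP_ALLOW="7777 666"

# valid_port SPEC: succeed for a single port (80) or a range (21:80), each within 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;   # empty, non-numeric, or malformed range
    esac
    lo=${1%%:*}; hi=${1##*:}
    [ "${#lo}" -le 5 ] && [ "${#hi}" -le 5 ] || return 1   # reject absurdly long numbers
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# build_rules: print the iptables commands for the allow-lists; nothing is applied here.
build_rules() {
    # Validate everything first so a typo never yields a half-built rule set.
    for p in $TCP_ALLOW $UDP_ALLOW; do
        valid_port "$p" || { echo "invalid port spec: $p" >&2; return 1; }
    done
    echo "iptables -F INPUT"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    # Replies to connections the server itself opened, and ongoing sessions.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for p in $TCP_ALLOW; do
        echo "iptables -A INPUT -p tcp --dport $p -j ACCEPT"
    done
    for p in $UDP_ALLOW; do
        echo "iptables -A INPUT -p udp --dport $p -j ACCEPT"
    done
    # Default-deny goes last so an SSH session is not cut off while rules load.
    echo "iptables -P INPUT DROP"
}

build_rules
```

These rules cover IPv4 only; a host reachable over IPv6 needs the equivalent rule set loaded with `ip6tables`.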
     
