By Kefa Rabah, krabah@globalopenversity.org
Introduction
Shorewall is a high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and, with the help of the iptables utility, configures Netfilter to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or a standalone GNU/Linux system. Shorewall does not use Netfilter’s ipchains compatibility mode and can thus take advantage of Netfilter’s connection state tracking capabilities.
CentOS is a community-supported, free and open source operating system based on Red Hat Enterprise Linux. It exists to provide a free enterprise-class computing platform and strives to maintain 100% binary compatibility with its upstream distribution. CentOS stands for “Community ENTerprise Operating System”. CentOS is the perfect server for people who need enterprise-class operating system stability without the cost of certification and support and the pocket-burning baggage that comes with proprietary software. And the beauty is that CentOS is free.
Assumptions:
It’s assumed that you have a good understanding of the Linux operating system and its working environment. It’s also assumed that you know how to install and configure Linux CentOS5; if not, go ahead and pop over to scribd.com and check out a good howto entitled “Install Guide Linux CentOS5 Server v1.1” to get you started.
Solution:
In this lab session, you’ll learn how to set up a virtual network on VMware (you may also use any other virtual machine software, such as MS VirtualPC, Linux Xen, or VirtualBox from Oracle). Next, it’s assumed that you know how to install and configure Linux CentOS5 (VM1) with three NIC adapters. On the Linux VM1, I’ll show you how to install and configure a DHCP server and the Shorewall firewall. You’ll also learn how to configure two more virtual machines (VMs), running either a Linux distro or any OS of your choice, to use for testing your firewalled network connectivity from the LAN and DMZ to the public network (Internet). Finally, you’ll have an opportunity to do some hands-on home assignment labs to test what you have learned in this lesson. Once you’re done with this lab session, you should have gained the experience and capability to plan, design, implement and deploy a secure private network or Home/SMB office network infrastructure.
Part 1: Network Configuration
Figure 1 shows the setup for our hands-on lab session of our private Home/SMB LAN, which is configured using VMware with two NIC adapters attached to VMnet2. The eth0 interface is attached to the public side of the network, or Internet, and receives its IP address from DHCP. The eth1 interface is our internal LAN network; it is configured with a static IP address and is also the NIC attached to the DHCP server, which feeds dynamic IP addresses to the devices located within the private LAN via the VMnet2 virtual switch. Machine 1 is running the Linux CentOS5 server, which we’ll use to install the DHCP server and the firewall on eth1, and also the Shorewall firewall. The eth2 interface, via the VMnet3 virtual switch, is our DMZ network, and all the servers located here, e.g., VM3 Webserver, are configured with static IP addresses.
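As an added illustration (not taken from the original lab document), the three-interface layout described above could be expressed in Shorewall's configuration files roughly as follows. Only the interface roles come from the text; the zone names net, loc and dmz, the policy choices and the use of the Shorewall 4.x-era masq file are assumptions.

```conf
# Added example: not from the original lab document.
# Zone names (net, loc, dmz) and policies are assumptions; the interface
# roles (eth0 public, eth1 LAN, eth2 DMZ) follow the description above.

# --- /etc/shorewall/zones ---
#ZONE   TYPE
fw      firewall
net     ipv4
loc     ipv4
dmz     ipv4

# --- /etc/shorewall/interfaces ---
# "dhcp" on eth0: the interface obtains its own address by DHCP.
# "dhcp" on eth1: the firewall itself runs the DHCP server for the LAN.
#ZONE   INTERFACE   BROADCAST   OPTIONS
net     eth0        detect      dhcp,tcpflags,routefilter,nosmurfs
loc     eth1        detect      dhcp,tcpflags,nosmurfs
dmz     eth2        detect      tcpflags,nosmurfs

# --- /etc/shorewall/policy ---
# The first matching line wins, so specific pairs sit above the catch-alls.
#SOURCE DEST    POLICY  LOG LEVEL
loc     net     ACCEPT
dmz     net     ACCEPT
net     all     DROP    info
all     all     REJECT  info

# --- /etc/shorewall/masq ---
# Masquerade LAN and DMZ traffic leaving through the public interface.
#INTERFACE  SOURCE
eth0        eth1
eth0        eth2

# --- /etc/shorewall/shorewall.conf (relevant setting) ---
# Required for the box to route between its three interfaces.
IP_FORWARDING=On
```

Everything not listed, including LAN-to-DMZ and Internet-to-DMZ traffic, falls through to the DROP/REJECT policies, so access to a DMZ server has to be opened with explicit entries in /etc/shorewall/rules. Running `shorewall check` validates the files before they are applied.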