IPTABLES Firewall concept help


 
12-29-2006

Dear all,

I wish to make a very simple FIREWALL with IPTABLES. There are some issues and points to make before I do, so this post is just to see if it can be done. I know it won't be the best solution but it may be OK.

1. We have two Windows servers in a datacenter without a firewall on them.

2. We have a third LINUX server (in the same datacenter) that we hope to use IPTABLES on to act as the firewall. So external traffic hits this firewall server and then forwards onto the underlying web servers via NAT.

3. Each server ONLY has 1 external facing NIC - not great I know but that's all the supplier supplies.

Question 1 : Is it possible to use IPTABLES on the UNIX box to set up a firewall to protect the two underlying Windows servers DESPITE them only having external facing NICs?

Question 2 : I guess if the above is possible, the firewall will bear the brunt of ALL traffic - this means that anyone requesting access to the underlying servers means that traffic will constantly flow via the firewall and thus generating bandwidth costs.

Sorry to be vague - hope this makes sense and you experts can help a bit with the concept.

Thanks
Brad
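
The layout described in the post (one Linux box with a single NIC doing NAT for two servers), as an added example that is not part of the original thread: a shell function that prints a ruleset in `iptables-restore` format. The addresses, the interface name `eth0`, the port-to-server mapping and the SSH rule are all assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a one-NIC NAT firewall.
# All addresses are constructed placeholders (RFC 5737 documentation range).

# gen_rules FW_IP IFACE PORT:BACKEND_IP [PORT:BACKEND_IP ...]
# Returns 1 and prints nothing on stdout unless every mapping has a port in
# 1-65535 and an address made of digits and dots only.
gen_rules() {
    fw_ip=$1 iface=$2
    shift 2
    [ "$#" -gt 0 ] || { echo "no port mappings given" >&2; return 1; }
    for m in "$@"; do
        case $m in *:*) ;; *) echo "expected PORT:IP, got: $m" >&2; return 1 ;; esac
        port=${m%%:*} host=${m#*:}
        case $port in ''|*[!0-9]*) echo "bad port: $m" >&2; return 1 ;; esac
        case $host in ''|*[!0-9.]*) echo "bad address: $m" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $m" >&2; return 1; }
    done

    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    for m in "$@"; do
        port=${m%%:*} host=${m#*:}
        # Traffic addressed to the firewall is redirected to the backend.
        echo "-A PREROUTING -i $iface -d $fw_ip -p tcp --dport $port -j DNAT --to-destination $host:$port"
        # One NIC, same subnet: rewrite the source too, so the backend
        # replies through the firewall rather than straight to the client.
        echo "-A POSTROUTING -o $iface -d $host -p tcp --dport $port -j SNAT --to-source $fw_ip"
    done
    echo "COMMIT"

    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Assumption: the firewall box is administered over SSH on port 22.
    echo "-A INPUT -p tcp --dport 22 -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for m in "$@"; do
        echo "-A FORWARD -d ${m#*:} -p tcp --dport ${m%%:*} -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset; as root, pipe it to iptables-restore after enabling
# forwarding (sysctl -w net.ipv4.ip_forward=1).
gen_rules 203.0.113.10 eth0 80:203.0.113.11 443:203.0.113.12
```

Because the Windows servers keep their own external addresses, these rules only filter traffic that is sent to the firewall's address; the servers themselves would also need to accept connections from the firewall's address only. With the SNAT rule in place, the servers see the firewall's address as the source of every connection, not the client's.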
 
IPTABLES-SAVE(8)                  iptables 1.6.1                  IPTABLES-SAVE(8)

NAME
       iptables-save -- dump iptables rules to stdout
       ip6tables-save -- dump iptables rules to stdout

SYNOPSIS
       iptables-save [-M modprobe] [-c] [-t table]
       ip6tables-save [-M modprobe] [-c] [-t table]

DESCRIPTION
       iptables-save and ip6tables-save are used to dump the contents of IP or IPv6 Table in easily parseable format to STDOUT. Use I/O-redirection provided by your shell to write to a file.

       -M, --modprobe modprobe_program
              Specify the path to the modprobe program. By default, iptables-save will inspect /proc/sys/kernel/modprobe to determine the executable's path.

       -c, --counters
              include the current values of all packet and byte counters in the output

       -t, --table tablename
              restrict output to only one table. If not specified, output includes all available tables.

BUGS
       None known as of iptables-1.2.1 release

AUTHORS
       Harald Welte <laforge@gnumonks.org>
       Rusty Russell <rusty@rustcorp.com.au>
       Andras Kis-Szabo <kisza@sch.bme.hu> contributed ip6tables-save.

SEE ALSO
       iptables-apply(8), iptables-restore(8), iptables(8)

       The iptables-HOWTO, which details more iptables usage, the NAT-HOWTO, which details NAT, and the netfilter-hacking-HOWTO which details the internals.