From: "Pablo A. Salgado"
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] A Gentoo Firewall howto?
Date: Fri, 26 Aug 2005 17:52:31 -0500

James,

I recently installed a firewall on Gentoo with 3 nics. I used Firehol to
configure it, but if you want something kind of visual: Guarddog is my second
choice.

On 8/26/05, James <wireless@tampabay.rr.com> wrote:
>
> Hello,
>
> I've decided to take the plunge and build my first, full featured
> firewall on Gentoo. At first I was going to use 'gnap' but further
> reading reveals that this sort of derived firewall is stateless,
> and I want a stateful firewall. It's also masked.
> (feel free to correct me if I miss something).
>
> The firewall will have (3) nics, Outside(static IP)
> DMZ for several web servers, mail server and DNS secondaries
> and a private for a DNS server, PCs(doz) and assorted Linux systems.
> So after googling for a while, I could not find any detailed documentation
> on building a gentoo based robust firewall (I sure thought I'd run across
> such a page/document, but, nothing today).
>
> I did find some packages to 'ease the pain' on configuring iptables
> and completing the firewall: Recommendations here?
> fwbuilder
> bastille
> kmyfirewall
> firestarter
>
> I did find this gentoo document:
> http://www.gentoo.org/doc/en/home-router-howto.xml
> This example is for a 2 nic basic firewall.
> I need a dmz that will have web servers, dns servers, and
> will ensure security.
>
> I did find one Debian-centric security document:
> http://www.debian.org/doc/manuals/securing-debian-howto
>
> Alternatively, since this machine is only going to be a firewall
> & ethernet router so rather than securing a complete Gentoo system
> I could just use a 'firewall cd' installation, if one exists
> as a Gentoo derivative.
>
> Any other ideas or recommendations on documents or firewall install
> config on gentoo or a gentoo derivative are most welcome?
>
> Note: my firewall experience is mostly with openbsd.
>
>
> James
>
> --
> gentoo-user@gentoo.org mailing list

--
gentoo-user@gentoo.org mailing list