Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "installation and configuration of Shorewall firewall under Linux". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Environment description: there is only one network card on this machine, use static IP to surf the Internet

Command: apt-get install shorewall ubuntu will install it for you automatically, but shorewall is not configured or started

[1] first cp / usr/share/doc/shorewall/examples/one-interface/* / etc/shorewall

[2] modify / etc/shorewall/shorewall.conf change STARTUP_ENABLED=No to STARTUP_ENABLED=Yes

[3] modify / etc/default/shorewall change startup=0 to startup=1

[4] run ifconfig to confirm that the name of your network card is usually eth0 by default, and write down the name of this network card.

[5] modify / etc/shorewall/interfaces change the eth0 in net eth0 detect dhcp,tcpflags,logmartians,nosmurfs to the name of your network card. If it is the same, you do not need to modify it.

[6] modify / etc/shorewall/rules this file is the definition file of access rules. By default, local computers are allowed to access all external addresses, and external computers are prohibited from accessing this address. For example, if you open the ssh service, port is 22, which file do you want to allow others to access? create a new rule in ACCEPT $FW net icmp

ACCEPT net $FW TCP 22 here also gives you a brief description of some of the rules: net represents the Internet computer $fw represents the local machine, that is, the firewall itself interprets ACCEPT net $FW TCP 22, which means to allow the Internet to access port 22 with the TCP protocol. If it is prohibited, it is DROP.

DROP net $FW TCP 22 if you allow access to a certain IP on the Internet, the rules can be written as follows

ACCEPT net:192.168.1.10$ FW TCP 22

Shorewall start, all right.

This is the end of the content of "installation and configuration of Shorewall Firewall under Linux". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.