EXTREME Overclocking Forums
Old 04-06-2011, 09:35 PM   #1
LMHmedchem
linux firewall

I have a CentOS distro going, but the firewall is really lame. Other than being able to enable some standard services, the only other thing you can do is to "add ports", which doesn't seem to do anything at all. I need to configure to allow some TCP and UDP traffic to specific local net IPs and ports. There doesn't look like there is any way to do that with the firewall that came with the basic install, so I think I need to look for a different one.

Cent is a red hat 2.6 kernel I think, although it seems to be ****ably difficult to find an "about" anywhere on a linux distro. Can someone recommend a decent client firewall that has enough options to let me configure what I need, but is not too overblown with features? This sits behind a hardware firewall, so there is no mission critical security issue here.

LMHmedchem
Old 04-07-2011, 01:16 AM   #2
-=bluebird=-
You should have a look at fwbuilder. Since all Linux distros usually use iptables as background for the firewall, you should look at the netfilter howtos as well.

Lots of prebuilt firewall stuff doesn't provide the granularity you need for special purposes, so you need to do it by hand. So there is no real "easy to use client" for Linux firewalling. You need to know what you are doing, otherwise you will lock yourself out...

bb
Old 04-07-2011, 08:19 AM   #3
jmknsd
Never used it, but one of the things someone I worked with did as soon as he started working on a public facing machine was to install firestarter. I think it allows you to manipulate iptables without having to sacrifice a small mammal or other black magic.
Old 04-07-2011, 11:13 AM   #4
LMHmedchem
I installed firestarter, and it appears to let me set up a rule to allow connection between the two machines, but not to specify the port. It seems to work and be an improvement over the default firewall.

Every firewall I have ever worked with let you create rules that specified protocol and port number, along with connection source and destination by IP address. Sometimes they are set up to allow you to point to a domain, and of course have pre-configured settings for various standard services. I was very surprised to see these features absent from the linux versions. Is this something that can be entered into the IP tables in a straightforward manner?

LMHmedchem
Old 04-08-2011, 04:21 AM   #5
-=bluebird=-
Just to clarify: these features are not absent. You just have to configure them. As I stated before, you should read the netfilter howtos. If you are looking for a fancy GUI, check out fwbuilder (it should be free for Linux, according to the website: www.fwbuilder.org).

If you want special rules for special purposes you NEED to use your favourite editor and do it by hand. This was and is how Linux works. And at the end you will have a much smarter and smaller configuration than you will have if you use WYSIWYG tools...

bb
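What "doing it by hand" looks like for the protocol, port and source-address rules asked about above, as an added example that is not from any poster in this thread. The addresses, ports, the spec format and the function names `allow_rule`, `build_ruleset` and `sample_spec` are constructed for illustration, and the rules are assumed to go in the `INPUT` chain. It also covers the lock-out risk mentioned earlier by accepting established sessions before the default DROP applies.

```shell
#!/bin/sh
# Build an iptables-restore ruleset from "proto source-ip dest-port" lines.
# All addresses and ports below are constructed sample values.

# Emit one ACCEPT rule, or fail on input iptables would reject or misread.
allow_rule() {
    proto=$1 src=$2 port=$3
    case $proto in tcp|udp) ;; *) echo "bad protocol: $proto" >&2; return 1 ;; esac
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    # Dotted-quad shape only; octet ranges are left to iptables-restore --test.
    echo "$src" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' \
        || { echo "bad source: $src" >&2; return 1; }
    printf '%s\n' "-A INPUT -s $src -p $proto -m state --state NEW -m $proto --dport $port -j ACCEPT"
}

# Read "proto src port" lines on stdin and print a complete filter table.
build_ruleset() {
    printf '%s\n' "*filter" ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT ACCEPT [0:0]"
    printf '%s\n' "-A INPUT -i lo -j ACCEPT"
    # Keep already-open sessions (including your own SSH login) alive on reload.
    printf '%s\n' "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    while read -r proto src port; do
        case $proto in ''|'#'*) continue ;; esac   # skip blanks and comments
        allow_rule "$proto" "$src" "$port" || return 1
    done
    printf '%s\n' "COMMIT"
}

# Constructed sample spec: one admin host for SSH, two application ports.
sample_spec() {
cat <<'EOF'
# proto source-ip dest-port
tcp 192.168.1.20 22
tcp 192.168.1.20 5000
udp 192.168.1.21 5001
EOF
}

sample_spec | build_ruleset
```

Save the output to a file and check it as root with `iptables-restore --test < file` before loading it. On CentOS the persistent ruleset read at boot is `/etc/sysconfig/iptables`.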
Old 06-30-2011, 03:19 PM   #6
Chillaxed
Yeah, like they said above, I'd read up on building your own firewall with FW Builder. Or you could buy a hardware firewall if you have 2 grand laying around :P