[Shorewall-newbies] simple firewall setup
linuxg33k at shaw.ca
Sat Dec 27 15:39:00 PST 2003
I have read all the documentation on the Shorewall website, news groups,
googled every piece of information that I could on the following and
asked on IRC about possible solutions.
The problem is that all the documentation assumes that Shorewall is
being used in a firewall/router scenario, and all the configuration
files seem to be geared toward setting up zones on various interfaces
and routing between them as the primary focus. Everything is
overshooting my needs - all the information so far stipulates setting
up multiple network cards, multiple zones, multiple definitions of
zones, assigning zones to network interfaces and routing between those.
I have an off-the-shelf Netgear firewall/router and 3 Linux machines
behind it; one of the boxes will be a backup server that should only
talk to the other two and nothing more - KISS principle, I guess. All I
am interested in is using Shorewall on an internal network to send and
receive all traffic on an internal IP range of something like
192.168.0.2/192.168.0.50 on eth0, and perhaps add port blocking to
reduce access even further.
*How do I simply tell Shorewall to accept all traffic from IP range of
192.168.0.2/192.168.0.5 on eth0? Are there any examples of this with
port filtering as well?*
I have tried setting up zones, setting up hosts, setting up policies,
defining interfaces, blacklists, but nothing really jumps out as to how
to set up a simple personal firewall.
Any tips would be greatly appreciated.