This article describes how to install a firewall based on iptables, Ubuntu 12.04 and FWBuilder 5.
1. First install FWBuilder, create a new firewall and configure your policies and NAT rules.
2. Next, enable packet forwarding for IPv4. To do so, edit the sysctl.conf file.
nano /etc/sysctl.conf
Search for this line and uncomment it so that it looks like the following:
net.ipv4.ip_forward=1
3. Now you need a place to store the FWBuilder file on the firewall server
mkdir /etc/firewall
4. Create a new script /etc/init.d/firewall to start and stop the firewall
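#!/bin/sh
### BEGIN INIT INFO
# Provides: firewall
# Required-Start: $network
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop the Firewall
### END INIT INFO
opts="start stop restart"
# Rule script generated by FWBuilder (stored in the directory from step 3)
bin=/etc/firewall/firewall-rules.fw
trapped_log=/var/log/trapped.log
traf_log=/var/log/traffic.log
case "$1" in
start)
    # Load the FWBuilder rule set
    $bin
    ;;
stop)
    # Flush all rules and reset every policy to ACCEPT.
    # With net.ipv4.ip_forward=1 the host then forwards traffic unfiltered.
    /sbin/iptables --flush
    /sbin/iptables -t nat --flush
    /sbin/iptables -F -t mangle
    /sbin/iptables -P INPUT ACCEPT
    /sbin/iptables -P OUTPUT ACCEPT
    /sbin/iptables -P FORWARD ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P OUTPUT ACCEPT
    ;;
restart)
    # Listed in opts above: clear the rules, then load them again
    "$0" stop
    "$0" start
    ;;
*)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac
exit 0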
5. Make the init.d script executable.
chmod +x /etc/init.d/firewall
6. Install the script so that it starts and stops automatically on system boot and shutdown.
update-rc.d firewall defaults
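A check for the state the steps above can leave behind: forwarding enabled in sysctl.conf while no filter rules are loaded (as after "stop"). This is an added example, not part of the original article; the function names and the sample iptables-save output are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed for illustration.

# Effective net.ipv4.ip_forward value in a sysctl.conf-style file.
# Commented-out lines are ignored; the last active assignment wins.
forward_setting() {
    sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\).*/\1/p' "$1" | tail -n 1
}

# Classify iptables-save output on stdin: "open" when the filter table has no
# rules and FORWARD policy ACCEPT (the state left by "stop"), else "filtered".
filter_state() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "filter" && /^:FORWARD / { policy = $2 }
        table == "filter" && /^-A /       { rules++ }
        END { if (policy == "ACCEPT" && rules == 0) print "open"; else print "filtered" }
    '
}

# $1 = sysctl.conf path, stdin = iptables-save output.
# Returns 1 when forwarding is enabled and nothing is filtering it.
audit() {
    fwd=$(forward_setting "$1")
    state=$(filter_state)
    if [ "$fwd" = "1" ] && [ "$state" = "open" ]; then
        echo "WARN: IPv4 forwarding is on but no filter rules are loaded"
        return 1
    fi
    echo "OK: ip_forward=${fwd:-unset} filter=$state"
}

# Constructed iptables-save output: after "stop", and with a rule set loaded.
sample_stopped() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' 'COMMIT'
}
sample_running() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]' \
        '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT' 'COMMIT'
}

# Demo on constructed input.
conf=$(mktemp)
printf '#net.ipv4.ip_forward=0\nnet.ipv4.ip_forward=1\n' > "$conf"
sample_stopped | audit "$conf" || true
sample_running | audit "$conf"
rm -f "$conf"
```

On the firewall itself, run it as root with `iptables-save | audit /etc/sysctl.conf`.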
How to set up a firewall based on iptables and Ubuntu 12.04