How to set up a firewall based on iptables and Ubuntu 12.04


Post by tony

This article describes how to install a firewall based on iptables, Ubuntu 12.04 and FWBuilder 5.

1. First install FWBuilder, create a new firewall and configure your policies and NAT rules.

2. Next enable packet forwarding for IPv4. To do so, edit the sysctl.conf file.
nano /etc/sysctl.conf

Search for this line and uncomment it so that it looks like the following:
net.ipv4.ip_forward=1

3. Now you need a place to store the FWBuilder file on the firewall server
mkdir /etc/firewall

4. Create a new script /etc/init.d/firewall to start and stop the firewall
#!/bin/sh
### BEGIN INIT INFO
# Provides: firewall
# Required-Start: $network
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop the Firewall
### END INIT INFO

# Firewall script stored in /etc/firewall (step 3)
opts="start stop restart"
bin=/etc/firewall/firewall-rules.fw
trapped_log=/var/log/trapped.log
traf_log=/var/log/traffic.log

case "$1" in
start)
    # Load the rules by running the firewall script
    $bin
    ;;

stop)
    # Flush all rules and reset every policy to ACCEPT: no filtering remains
    /sbin/iptables --flush
    /sbin/iptables -t nat --flush
    /sbin/iptables -F -t mangle
    /sbin/iptables -P INPUT ACCEPT
    /sbin/iptables -P OUTPUT ACCEPT
    /sbin/iptables -P FORWARD ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P OUTPUT ACCEPT
    ;;

restart)
    "$0" stop
    "$0" start
    ;;

*)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac

exit 0

5. Make the init.d script executable.
chmod +x /etc/init.d/firewall

6. Install the script to start and stop automatically on system boot and shutdown
update-rc.d firewall defaults
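
The prerequisites from steps 2 to 5 can be checked before the firewall is enabled at boot. The following shell functions are an added example, not part of the original post; the function names and the optional path arguments are assumptions made for the illustration, and the defaults are the paths used above.

```shell
#!/bin/sh
# Added example: preflight check for steps 2-5. Paths are arguments so the
# checks can be run against copies; the defaults are the paths from the post.

# True if the last uncommented net.ipv4.ip_forward line in $1 sets it to 1.
forwarding_enabled() {
    [ -r "$1" ] || return 2
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([0-9]*\).*/\1/p' "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# True if $1 is a non-empty, executable regular file that group and others
# cannot write (both scripts are run as root at boot).
script_ok() {
    [ -f "$1" ] && [ -s "$1" ] && [ -x "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c1-10)
    case "$perms" in
        ?????w*|????????w*) return 1 ;;   # group or other write bit set
    esac
    return 0
}

# Runs all checks, prints each failure, returns non-zero if any failed.
preflight() {
    sysctl_conf=${1:-/etc/sysctl.conf}
    rules=${2:-/etc/firewall/firewall-rules.fw}
    init=${3:-/etc/init.d/firewall}
    rc=0
    forwarding_enabled "$sysctl_conf" ||
        { echo "FAIL: ip_forward is not set to 1 in $sysctl_conf"; rc=1; }
    script_ok "$rules" ||
        { echo "FAIL: $rules missing, empty, not executable or group/world-writable"; rc=1; }
    script_ok "$init" ||
        { echo "FAIL: $init missing, empty, not executable or group/world-writable"; rc=1; }
    return $rc
}

# Run the checks only when invoked as: sh preflight.sh check
if [ "${1:-}" = "check" ]; then
    preflight
    exit $?
fi
```

The sysctl.conf setting is applied at boot; the value currently in effect can be read from /proc/sys/net/ipv4/ip_forward.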