
Friday, 28 December 2012

How to set up a firewall under Ubuntu



apt-get install firehol

# Enable all the services and interfaces you need
# then run this to automatically generate a config file (a template)
firehol-wizard helpme >/etc/firehol/firehol.conf

# look at /etc/firehol/firehol.conf
# take out all the comments, disable anything that you don't need
# this is what I have (a standalone server, with no computer behind me)
# I have ssh, asterisk, http running on my computer
# I allow people on my network to ping, sip, ssh, http me
# I allow people on the internet to ssh, http, sip me

interface eth0 interface1 src "128.195.100.0/24"

        server ICMP accept
        server sip accept
        server ssh accept
        server http accept

        client all accept

interface eth0 interface2 src not "${UNROUTABLE_IPS} 128.195.100.0/24"

        policy drop

        # server iax2 accept
        # server ICMP accept
        server sip accept
        server ssh accept
        server http accept

        client all accept

# nano /etc/default/firehol
# change no to yes

# make sure it runs at startup
# (the link target is relative, so run this from the runlevel directory, e.g. /etc/rc2.d)
ln -s ../init.d/firehol S92firehol
# restart services
/etc/init.d/firehol restart
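
A quick way to double-check the "disable anything that you don't need" step, as an added example that is not part of the original post: this shell helper lists what each interface block of a firehol.conf accepts and flags services outside an allowlist. The function names, the `|`-separated output format and the embedded sample (the post's two blocks, client lines omitted) are assumptions of this example.

```shell
# Added example: audit which services each FireHOL interface block accepts.
# list_exposed [CONFIG|-]: one line per block as name|source|policy|accepted services
list_exposed() {
    awk '
    function flush() { if (name != "") printf "%s|%s|%s|%s\n", name, src, policy, svcs }
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip blanks and commented-out rules
    $1 == "interface" {
        flush(); name = $3; policy = "default"; svcs = ""; src = "any"
        i = index($0, " src ")             # text after "src" is the source restriction
        if (i > 0) { src = substr($0, i + 5); gsub(/"/, "", src) }
        next
    }
    $1 == "policy" { policy = $2; next }
    $1 == "server" {
        for (i = 2; i <= NF && $i != "accept"; i++) ;
        if (i > NF) next                   # not an accept rule
        for (j = 2; j < i; j++) { s = $j; gsub(/"/, "", s); svcs = svcs (svcs == "" ? "" : ",") s }
    }
    END { flush() }
    ' "${1:--}"
}

# unexpected_services CONFIG|- BLOCK "allowed services"
# Prints services BLOCK accepts that are not in the allowlist; returns 1 if any.
unexpected_services() {
    exposed=$(list_exposed "$1" | awk -F'|' -v b="$2" '$1 == b { print $4 }' | tr ',' ' ')
    bad=""
    for s in $exposed; do
        case " $3 " in *" $s "*) ;; *) bad="$bad $s" ;; esac
    done
    if [ -n "$bad" ]; then echo "${bad# }"; return 1; fi
}

# Constructed sample: the two interface blocks from the post.
sample_conf() { cat <<'EOF'
interface eth0 interface1 src "128.195.100.0/24"
        server ICMP accept
        server sip accept
        server ssh accept
        server http accept
interface eth0 interface2 src not "${UNROUTABLE_IPS} 128.195.100.0/24"
        policy drop
        # server iax2 accept
        server sip accept
        server ssh accept
        server http accept
EOF
}
sample_conf | list_exposed
```

On a real system, call `list_exposed /etc/firehol/firehol.conf`, then `unexpected_services /etc/firehol/firehol.conf interface2 "ssh http sip"` to confirm the internet-facing block accepts nothing beyond what you intended.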

# go to this web site to port scan your computer
-----------------------------------------------------------------
View What Your Firewall Blocks

apt-get install fwanalog
# open your browser as root
# go to /var/log/fwanalog/today.html

# you will see a beautiful report!