central firewall/gateway server

Taking care of your Linux box.

Post by ghulam yaseen » Sat Apr 11, 2009 6:24 pm

Hello All,

I am administering some servers for selected users; the selection of users is currently administered by an iptables firewall. I need to make one central server which should be able to accept current users and then send requests to the respective destination server.
In short, I want a central hub server for making security better managed. Can anyone give me a good idea on this issue?


Regards,
ghulam yaseen
Naik
 
Posts: 68
Joined: Thu Aug 07, 2008 6:09 pm
Location: karachi

Post by lambda » Sat Apr 11, 2009 9:29 pm

> I am administering some servers for selected users

what does that mean? are you the system administrator for servers used by some users?

> the selection of users is currently administered by an iptables firewall.

what does that mean? the servers have iptables rules to control which users can use the servers? what kind of servers are these? how are the users using the servers? do all the servers have different rules? do a few servers have the same rules, and a few others have different rules? how many servers does a user have access to? what kind of access do they have?

> I need to make one central server which should be able to accept current users and then send requests to the respective destination server.

what does that mean? how should it "accept" users? how should it send "requests" to destination servers? what kind of requests should it send?

> In short, I want a central hub server for making security better managed.

your summary doesn't help at all. a hub for what? rules? requests? users? what kind of security? what are you trying to secure? the servers, the users, the requests they make, what exactly?

> Can anyone give me a good idea on this issue?

you have to do a much better job of explaining your situation. when you post a message, don't you see the posting rules? let me repeat the first one for you:
* Make sure you read and follow all the instructions in How To Ask Questions The Smart Way. Failure to follow it might cause your question to be ignored.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Post by ghulam yaseen » Sat Apr 11, 2009 9:53 pm

Hello lambda,

I am a system admin. I run multiple servers and all have the same iptables rules. The iptables rules are defined for different IPs owned by my company users. I want to make one central server which should work as a "Centralized Firewall Server". Any idea on how this can be implemented?

Regards,
ghulam yaseen
Naik
 
Posts: 68
Joined: Thu Aug 07, 2008 6:09 pm
Location: karachi

Post by lambda » Sat Apr 11, 2009 11:10 pm

if i understand your situation correctly, you need a linux box with two ethernet interfaces. you need to put all the servers on one side of the box, and all the users on the other side. configure the linux box to do bridging, and then apply the iptables rules on it. you may or may not be better off using ebtables instead of iptables.

if, instead, you just want to configure all the systems from one host, you can use cfengine, or any other configuration engine software that copies/implements the iptable rules on the servers.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore
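
For the bridging setup suggested in the reply above, the central box can build its ruleset from one allowlist of user addresses. This is an added example, not code from the thread; the interface name eth0, the server range 198.51.100.0/24, the allowlist format and the function names are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a two-port bridging firewall.
# Assumptions (not from the thread): eth0 is the user-side bridge port, the servers
# sit in SERVER_NET, and bridged frames are handed to iptables (bridge netfilter on).
USER_IF=eth0                  # assumed interface name
SERVER_NET=198.51.100.0/24    # constructed documentation range

# valid_src ADDR: succeed only for a dotted-quad IPv4 address with optional /0-32.
valid_src() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    for octet in $(printf '%s' "${1%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules < allowlist: one source address per line, '#' starts a comment.
# Fails closed: a malformed entry gives status 1 and no output at all, so a typo
# can never produce a partial or wider-than-intended ruleset.
gen_rules() {
    rules=''
    while IFS= read -r line || [ -n "$line" ]; do
        src=$(printf '%s' "${line%%#*}" | tr -d ' \t')
        [ -z "$src" ] && continue
        if ! valid_src "$src"; then
            echo "bad allowlist entry: $line" >&2
            return 1
        fi
        rules="${rules}-A FORWARD -m physdev --physdev-in $USER_IF -s $src -d $SERVER_NET -j ACCEPT
"
    done
    # Default-deny forwarding; replies to accepted connections come back via state.
    printf '*filter\n:FORWARD DROP [0:0]\n'
    printf '%s\n' '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    printf '%sCOMMIT\n' "$rules"
}

# Usage (loading replaces the existing filter table, so check the file first):
#   gen_rules < allowlist.txt > rules.v4 && iptables-restore --test < rules.v4
```

The same generated file can be copied to each server by a configuration tool if the rules are to stay on the servers instead of on a bridge.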

