Hello All,
I am administrating some servers for selected users. The selection of users currently is administrated by iptables firewall. I need to make one central server which should be able to accept current users and then send requests to destination server respectively.
In short, I want a central hub server for making security better managed. Can anyone give me a good idea on this issue?
Regards,
central firewall/gateway server
- Naik
- Posts: 68
- Joined: Thu Aug 07, 2008 6:09 pm
- Location: karachi
> i am administrating some servers for selected users
what does that mean? are you the system administrator for servers used by some users?
> the selection of users currently is administrated by iptables firewall.
what does that mean? the servers have iptable rules to control which users can use the servers? what kind of servers are these? how are the users using the servers? do all the servers have different rules? do a few servers have the same rules, and a few others have different rules? how many servers does a user have access to? what kind of access do they have?
> i need to make one central server which should be able to accept current users and then send requests to destination server respectively.
what does that mean? how should it "accept" users? how should it send "requests" to destination servers? what kind of requests should it send?
> In short i want a central hub server for making security better managed.
your summary doesn't help at all. a hub for what? rules? requests? users? what kind of security? what are you trying to secure? the servers, the users, the requests they make, what exactly?
> Can any one give me good idea on this issue.
you have to do a much better job of explaining your situation. when you post a message, don't you see the posting rules? let me repeat the first one for you:
* Make sure you read and follow all the instructions in How To Ask Questions The Smart Way. Failure to follow it might cause your question to be ignored.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Hello lambda,
I am a system admin. I run multiple servers and all have the same iptables rules. The iptables rules are defined for different IPs owned by my company users. I want to make one central server which should work as a "Centralized Firewall Server". Any idea on how this can be implemented?
Regards,
if i understand your situation correctly, you need a linux box with two ethernet interfaces. you need to put all the servers on one side of the box, and all the users on the other side. configure the linux box to do bridging, and then apply the iptable rules on it. you may or may not be better off using ebtables instead of iptables.
if, instead, you just want to configure all the systems from one host, you can use cfengine, or any other configuration engine software that copies/implements the iptable rules on the servers.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
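The bridging setup suggested in the last reply, sketched as an added example that is not code from the thread: a two-NIC Linux box bridges users and servers, and a default-drop FORWARD chain admits only listed user IPs. The interface names, the bridge name and all addresses are assumptions (documentation address ranges).

```shell
#!/bin/sh
# Added example: transparent bridging firewall, users on one NIC, servers on the other.
# Interface names, bridge name and addresses below are assumptions, not from the thread.
USER_IF=eth0                            # side facing the users
SERVER_IF=eth1                          # side facing the servers
BRIDGE=br0
SERVER_NET=198.51.100.0/24              # constructed sample: protected servers
ALLOWED_USERS="192.0.2.10 192.0.2.11"   # constructed sample: permitted user IPs

# Build the bridge and make bridged IPv4 frames traverse the iptables FORWARD chain.
setup_bridge() {
    ip link add name "$BRIDGE" type bridge
    ip link set "$USER_IF" master "$BRIDGE"
    ip link set "$SERVER_IF" master "$BRIDGE"
    ip link set "$USER_IF" up
    ip link set "$SERVER_IF" up
    ip link set "$BRIDGE" up
    modprobe br_netfilter               # without this, iptables never sees bridged frames
    sysctl -w net.bridge.bridge-nf-call-iptables=1
}

# Print the ruleset in iptables-restore format: default-drop FORWARD,
# replies for established flows, then one ACCEPT per allowed user IP.
# Servers cannot open new connections toward the user side under this policy.
gen_rules() {
    echo '*filter'
    echo ':FORWARD DROP [0:0]'
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for ip in $ALLOWED_USERS; do
        echo "-A FORWARD -m physdev --physdev-in $USER_IF --physdev-out $SERVER_IF -s $ip -d $SERVER_NET -j ACCEPT"
    done
    echo 'COMMIT'
}

# "apply" needs root; iptables-restore flushes the existing filter table before loading.
if [ "${1:-}" = "apply" ]; then
    setup_bridge && gen_rules | iptables-restore
else
    gen_rules                           # dry run: print the rules for review
fi
```

Run it without arguments to review the generated rules; the per-server iptables rules can then be retired once the bridge is enforcing them.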