  1. #1
    Just Joined!
    Join Date
    Jul 2005
    Location
    Somewhere in the milkyway galaxy
    Posts
    8

    Several Network Related questions(VPN and Firewall)


    Alright. First off, thanks for taking time to read my post. I am running Mandriva 2005 LE (10.2), on an Athlon 2400+ with wireless as internet, and I was thinking about implementing servers for intranet use, as well as VPN. I am using VSFTPD for FTP and Apache 1.3.3 for HTTP. I have no idea how to do certain things like only allow a certain range of IP addresses to use protocols without restrictions (I need the IPs of the VPN connected computers and the computers on the network to have unrestricted access to FTP and HTTP as well as perhaps SMB and NFS) on the firewall that comes with Mandriva. If someone can point me in the way of a good firewall, or how to fix the firewall that comes with Mandriva, that would be nice.

    The next issue is slightly more complicated. I am forced to do several things the hard way, because of restrictions in my ISP's (InsightBB) EULA. I can not do 'dedicated hosting' on my connection so I was thinking of VPN. I have a D-Link router that has several computers connect to it and masks them under one MAC address, so it only gets one IP. I need a VPN server that will allow several of my friends (also on InsightBB) to connect via VPN to my Linux machine and access my wireless network, as well as servers on my Linux machine. Are there any servers that will do this easily? Is there a special way this should be done with this kind of router? Should I set my Linux server in the router 'DMZ'? Also, all the clients will probably be Windows based machines, so if someone could point me in the way of a good SSL/TLS client for win32 it would be much appreciated (builtin win VPN client runs PPTP). All comments appreciated.

    Thanks,
    ph03n1x

  2. #2
    Just Joined!
    Join Date
    Jul 2005
    Location
    Somewhere in the milkyway galaxy
    Posts
    8
    Anyone?

  3. #3
    Just Joined!
    Join Date
    Jul 2005
    Location
    Vancouver BC Canada
    Posts
    1
    Hi ph03n1x,

    Why don't you use iptables to do your firewall filtering? I think it would go something like this:

    iptables -I INPUT -i eth0 -p tcp -d 192.168.0.0/24 -j ACCEPT
    and then a default deny somewhere in there with a rule, or just set iptables to default deny for whatever table you specify (INPUT, OUTPUT, FORWARD).

    For VPN you may want to use openvpn or super/openswan, but also, depending on what kind of D-Link router you have, you may be able to set it up to do VPN/IPsec?

    hope that helps..?
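
A default-deny INPUT policy with allow rules for the LAN and VPN ranges, as post #3 suggests, sketched as an added example that is not part of the original thread. The rules match on source address (`-s`); the interface names, the 10.8.0.0/24 VPN subnet and the port list are assumed placeholder values.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it applies nothing itself.
# Interface names, subnets and ports below are assumed placeholder values.

# Succeeds only for a.b.c.d/nn with each octet <= 255 and prefix <= 32.
valid_cidr() {
    case "$1" in
        *[!0-9./]*|*/*/*|/*|*/|*./*) return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}; prefix=${1#*/}
    case "$prefix" in *.*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: build_ruleset PORTS IFACE=CIDR [IFACE=CIDR ...]
build_ruleset() {
    ports=$1; shift
    case "$ports" in ''|*[!0-9,]*) echo "bad ports: $ports" >&2; return 1 ;; esac
    for pair in "$@"; do
        # Validate everything before printing, so bad input yields no rules.
        case "${pair%%=*}" in ''|*[!A-Za-z0-9_.-]*) echo "bad iface: $pair" >&2; return 1 ;; esac
        valid_cidr "${pair#*=}" || { echo "bad CIDR: $pair" >&2; return 1; }
    done
    # Default deny inbound and forwarded traffic; allow loopback and replies.
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for pair in "$@"; do
        # -s matches the packet source: the LAN or VPN client address.
        printf '%s\n' "-A INPUT -i ${pair%%=*} -s ${pair#*=} -p tcp -m multiport --dports $ports -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# LAN on eth0, VPN clients on tun0; FTP, HTTP, SMB and NFS control ports.
# To apply as root: build_ruleset ... | iptables-restore
build_ruleset 21,80,139,445,2049 eth0=192.168.0.0/24 tun0=10.8.0.0/24
```

Passive-mode FTP data connections are only matched as RELATED when the kernel's FTP connection-tracking helper is in use.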

  4. #4
    Just Joined!
    Join Date
    Jul 2005
    Posts
    28
    Most of these services you have mentioned have control lists themselves, i.e. NFS sets the IPs in /etc/exports, and all inetd services get the restrictions from /etc/hosts.allow & /etc/hosts.deny.

    About the other question, have a look at 'radius server', I think it may help.

  5. #5
    Linux Newbie
    Join Date
    Apr 2003
    Location
    Pontypridd, Wales
    Posts
    104
    Not sure if you're really going to get what you want.

    To begin with, you probably don't have a static IP address (but you may have). Therefore you'll require a dynamic DNS client of some description so the outside world can always find you.

    Is VPN what you really want? I suspect it would be a lot of work.

    Your router has the capability to control access to your network, it will also have the capability of internal NAT (port forwarding) to allow you to have world accessible servers on your internal network.

    I don't think your service provider will go ape at the thought of you sharing some stuff with your mates over the network.
    "One World, One Web, One Program." -- Advertisement for Internet Explorer.
    "Ein Volk, Ein Reich, Ein Fuehrer." -- Adolf Hitler.
