Talk:Firewall

Most Linux distros don't run a firewall out of box, but you should be reasonably safe unless you're running some network services (which most Linux distros also don't do out of box). Even if you are running a compromisable service, you should be okay, since there aren't many linux worms, so you'd have to be targeted by an actual live cracker. Your mileage may vary though. Security through obscurity is a bad thing, so you might want to check out what services you're running. Crazyeddie 04:57, Jul 19, 2004 (EDT)

LINUX -Ethernet Bridge Troubleshoot
I have a LINUX firewall/router server which uses a wireless card as an access point. This card is successfully delving out DHCP ip addresses to wireless clients. I'm having trouble getting a samba Server [called Backup] on the same network as the wireless clients. This is where we could please use some help. It connects to another card on this LINUX firewall/router system via a hub. The LINUX firewall has a network bridge configured at br0.

How our bridge works, we set all the to be bridged nics to no ip and so you give ifconfig a setting of promisc up which as described by the ifconfig man page means "All packets on the network will be received by the interface."

bridge name    bridge id               STP enabled     interfaces br0            8000.001346e6250b       no                    ath1 eth2 tap0 As you can see below, ath1, eth2, and tap0 all don't have an IP because they are all in the bridge. br0, the bridge, takes all traffic that comes from the interfaces: ath1, eth2, and tap0 and "bridges" the networks in this way as if they were all on one network card, the configuration of br0 represents this "one network card". Our bridge was constructed using the howto from the OpenVPN site with a small modification that allows three interfaces on the bridge: http://openvpn.net/bridge.html

Linux Server (Firewall): ath1     Link encap:Ethernet  HWaddr 00:14:6C:89:44:87 inet6 addr: fe80::214:6cff:fe89:4487/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500  Metric:1 RX packets:16496 errors:0 dropped:0 overruns:0 frame:0 TX packets:20112 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1904165 (1.8 Mb) TX bytes:15290428 ( 14.5 Mb)

br0      Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B inet addr: 192.169.0.1 Bcast: 192.169.0.255  Mask: 255.255.255.0 inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500  Metric:1 RX packets:14442 errors:0 dropped:0 overruns:0 frame:0 TX packets:15492 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1618977 (1.5 Mb) TX bytes:7141959 (6.8 Mb)

eth2     Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500  Metric:1 RX packets:122429276 errors:0 dropped:0 overruns:0 frame:0 TX packets:270420109 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:887642421 (846.5 Mb) TX bytes:2930004281 (2794.2 Mb) Interrupt:225 Base address:0xdc00

eth3     Link encap:Ethernet  HWaddr 00:16:EC:69:3C:B5 inet addr: x.x.12.2 Bcast: x.x.12.255  Mask:255.255.255.0 inet6 addr: fe80::216:ecff:fe69:3cb5/64 Scope:Link UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500  Metric:1 RX packets:8140802 errors:0 dropped:0 overruns:0 frame:0 TX packets:2323611 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3906504983 ( 3725.5 Mb) TX bytes:551977672 (526.4 Mb) Interrupt:209 Base address:0xd800

lo       Link encap:Local Loopback inet addr: 127.0.0.1  Mask: 255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436  Metric:1 RX packets:23808860 errors:0 dropped:0 overruns:0 frame:0 TX packets:23808860 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2245957434 (2141.9 Mb) TX bytes:2245957434 (2141.9 Mb)

tap0     Link encap:Ethernet  HWaddr CE:3C:1D:1E:3B:41 inet6 addr: fe80::cc3c:1dff:fe1e:3b41/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500  Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:704 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:180832 ( 176.5 Kb)

wifi0    Link encap:UNSPEC  HWaddr 00-14-6C-89-44-87-00-00-00-00-00-00-00-00-00-00 UP BROADCAST RUNNING MULTICAST MTU:1500  Metric:1 RX packets:16605879 errors:0 dropped:0 overruns:0 frame:1080636 TX packets:11432729 errors:65368 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:199 RX bytes:2162385966 ( 2062.2 Mb) TX bytes:748681877 (713.9 Mb) Interrupt:209 Memory:cf080000-cf090000

Backup [Samba] Server:

eth0     Link encap:Ethernet  HWaddr 00:10:5A:01:96:0D inet addr: 192.169.0.3 Bcast: 192.169.0.255  Mask:255.255.255.0 inet6 addr: fe80::210:5aff:fe01:960d/64 Scope:Link UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500  Metric:1 RX packets:1558 errors:0 dropped:0 overruns:0 frame:0 TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:198584 (193.9 Kb) TX bytes:125200 ( 122.2 Kb) Interrupt:9 Base address:0xdf00

lo        Link encap:Local Loopback inet addr: 127.0.0.1 Mask: 255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436  Metric:1 RX packets:94 errors:0 dropped:0 overruns:0 frame:0 TX packets:94 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6804 (6.6 Kb) TX bytes:6804 (6.6 Kb)