Talk:Firewall
Most Linux distros don't run a firewall out of box, but you should be reasonably safe unless you're running some network services (which most Linux distros also don't do out of box). Even if you are running a compromisable service, you should be okay, since there aren't many linux worms, so you'd have to be targeted by an actual live cracker. Your mileage may vary though. Security through obscurity is a bad thing, so you might want to check out what services you're running. Crazyeddie 04:57, Jul 19, 2004 (EDT)
LINUX -Ethernet Bridge Troubleshoot
I have a LINUX firewall/router server which uses a wireless card as an access point. This card is successfully delving out DHCP ip addresses to wireless clients. I'm having trouble getting a samba Server [called Backup] on the same network as the wireless clients. This is where we could please use some help. It connects to another card on this LINUX firewall/router system via a hub. The LINUX firewall has a network bridge configured at br0.
How our bridge works, we set all the to be bridged nics to no ip and so you give ifconfig a setting of promisc up which as described by the ifconfig man page means "All packets on the network will be received by the interface."
bridge name bridge id STP enabled interfaces br0 8000.001346e6250b no ath1
eth2
tap0
As you can see below, ath1, eth2, and tap0 all don't have an IP because they are all in the bridge. br0, the bridge, takes all traffic that comes from the interfaces: ath1, eth2, and tap0 and "bridges" the networks in this way as if they were all on one network card, the configuration of br0 represents this "one network card". Our bridge was constructed using the howto from the OpenVPN site with a small modification that allows three interfaces on the bridge: http://openvpn.net/bridge.html
Linux Server (Firewall):
ath1 Link encap:Ethernet HWaddr 00:14:6C:89:44:87
inet6 addr: fe80::214:6cff:fe89:4487/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:16496 errors:0 dropped:0 overruns:0 frame:0
TX packets:20112 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1904165 (1.8 Mb) TX bytes:15290428 ( 14.5 Mb)
br0 Link encap:Ethernet HWaddr 00:13:46:E6:25:0B
inet addr: 192.169.0.1 Bcast: 192.169.0.255 Mask: 255.255.255.0
inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14442 errors:0 dropped:0 overruns:0 frame:0
TX packets:15492 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1618977 (1.5 Mb) TX bytes:7141959 (6.8 Mb)
eth2 Link encap:Ethernet HWaddr 00:13:46:E6:25:0B
inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:122429276 errors:0 dropped:0 overruns:0 frame:0
TX packets:270420109 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:887642421 (846.5 Mb) TX bytes:2930004281 (2794.2 Mb)
Interrupt:225 Base address:0xdc00
eth3 Link encap:Ethernet HWaddr 00:16:EC:69:3C:B5
inet addr: x.x.12.2 Bcast: x.x.12.255 Mask:255.255.255.0
inet6 addr: fe80::216:ecff:fe69:3cb5/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8140802 errors:0 dropped:0 overruns:0 frame:0
TX packets:2323611 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3906504983 ( 3725.5 Mb) TX bytes:551977672 (526.4 Mb)
Interrupt:209 Base address:0xd800
lo Link encap:Local Loopback
inet addr: 127.0.0.1 Mask: 255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:23808860 errors:0 dropped:0 overruns:0 frame:0
TX packets:23808860 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2245957434 (2141.9 Mb) TX bytes:2245957434 (2141.9 Mb)
tap0 Link encap:Ethernet HWaddr CE:3C:1D:1E:3B:41
inet6 addr: fe80::cc3c:1dff:fe1e:3b41/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:704 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:180832 ( 176.5 Kb)
wifi0 Link encap:UNSPEC HWaddr 00-14-6C-89-44-87-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16605879 errors:0 dropped:0 overruns:0 frame:1080636
TX packets:11432729 errors:65368 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:199
RX bytes:2162385966 ( 2062.2 Mb) TX bytes:748681877 (713.9 Mb)
Interrupt:209 Memory:cf080000-cf090000
Backup [Samba] Server:
eth0 Link encap:Ethernet HWaddr 00:10:5A:01:96:0D
inet addr: 192.169.0.3 Bcast: 192.169.0.255 Mask:255.255.255.0
inet6 addr: fe80::210:5aff:fe01:960d/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1558 errors:0 dropped:0 overruns:0 frame:0
TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:198584 (193.9 Kb) TX bytes:125200 ( 122.2 Kb)
Interrupt:9 Base address:0xdf00
lo Link encap:Local Loopback
inet addr: 127.0.0.1 Mask: 255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:94 errors:0 dropped:0 overruns:0 frame:0
TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6804 (6.6 Kb) TX bytes:6804 (6.6 Kb)