Server setup for Web Purposes with custom Firewall
Hi,
I am a little bit of a newbie starting out with Linux. I must say that I am pretty impressed so far. I just managed to get my firewall set up, and let me explain how I got there so that you have an understanding of my architecture, which will allow you guys to help me here.

Linux distro: Fedora Core 4
2 NIC cards:
- eth0 has the DSL line coming in from the provider
- eth1 is connected to a D-LINK router with an IP of 192.168.*.*
Running FireStarter (http://www.fs-security.com/) as my firewall, and it is up and running. I can ping my XP box and vice versa.

Question #1: I am able to SSH into my Linux box from PCs within my network. I would also like to connect to my Linux box from my work via SSH, but I am unsure as to how. Can someone please help?

Question #2: I read the "Perfect Setup for Fedora Core 4", and there are some gaps that I need answered, as my setup is a little different. I would like to set up my Linux firewall box as a web server as well, with Apache running on it. What would be the steps for this if I am running a setup like the one I have listed above, as the document on the site assumes you have a static IP address from your provider with a host name?

I hope this all makes sense. If not, please post a reply and I will reply in more detail.

Thanks again
Is your Fedora box in a local network behind a router, or is it directly connected to the internet? Why does it have 2 network cards? I found this a little bit unclear...
Hi Falko,
Thanks for your reply. My Linux box is acting as the firewall and as such I have 2 NIC cards. eth0 has the external line from my DSL provider and eth1 has the internal line with an IP of 192.168.*.* and is directly connected to my D-LINK router. So I guess "Yes, my Linux box is in a local network behind a router."

Also, last night I just set up a domain and configured it with Apache, and I am able to run http://localhost and http://IP_ADDRESS_OF_SERVER and I can see my Apache test page, but when I go to http://mydomain.org it comes to some sort of Modem Status page from my provider...weird????!!!!! Why do I not see the Apache test page like I should? The reason why I am posting it here is because it almost seems like the same thing, where an outside source is not able to see my network/domain. Internally I can run everything smoothly, but from the outside I cannot.

I did read a little more on the web after I posted this that things must be 99% easier if I had a domain registered and configured on my Linux box with Apache, which I have done now. So essentially I can SSH into my domain and get onto that Linux box like SSH mydomain.com

I hope this clears up some things for you :) Eagerly awaiting your reply :)
Also, I went to your site and read up on "Perfect Setup for Fedora Core 4". Can you please explain a little more on ISPConfig. I went to the site and I am still a little unclear as to the purpose of it. Is it a GUI for a firewall like FireStarter?
Should I be using ISPConfig to benefit my needs?
You can also set up a simple firewall with it. With this firewall you can block ports. It's good for servers, but as I'm not quite sure yet if your system is also acting as a router I can't tell you if the ISPConfig firewall is good for you.
Sorry, let me be a little more clear and in detail.
The way I set it up is the way many online howto documents are telling me to do it. Here are two examples:

#1 http://www.webmonkey.com/webmonkey/9...tml?tw=backend (Look at the 4th paragraph)
#2 http://www.fs-security.com/docs/connection-sharing.php (This is the site for the firewall app and it also gave a rundown on how to set up a home firewall)

So my 2nd NIC card is plugged into my hub/router and the rest of my PCs (Windows based for now) are set with a static IP like 192.168.*.* with the default gateway set to the IP address of eth1 on my Linux box.

The IP_ADDRESS_OF_SERVER is the IP address of my Linux machine (192.168.*.*) and not of the DSL provider (I assume you mean this as my public IP address).

Does this give you a better understanding of what I have set up?

Another thing I have now noticed is that, to try and work with my D-LINK router to see if I can enable port forwarding, I need to get into my D-LINK settings by logging into it, as the IP address of the router is 192.168.0.1 (the default). But now I cannot for some reason. It will not recognize it anymore. What happened here????

Any other questions, please ask. Also, great site!!! I like what you have done with it and there is plenty of info there for people like me :)
I just wanted to give an update here. I was fooling around a little more this evening and this is where I got now. I am no longer seeing my DSL's modem status page when I type http://idbsgroup.hoptp.com. Now I see the infamous page can not be found on XP and on my linux machine I get "The connection was refused when attempting to contact 69.156.*.*:8***"
So when I do a ping on my domain it is working now and I can do it from the web also (I had my friend test it with ping). When I performed a trace route, it went back to my domain provider, so I assume I got the domain issue solved.

Now it seems like my firewall is not letting me see my Apache test page. In my httpd.conf file I have an entry for my listener as listen 192.168.*.*:8*** Is this right? Or should I have listen 8*** ???

So now my issue is why I cannot access the actual page now. Seems like I have gotten one step further :)
Code:
Listen 80
Code:
listen 192.168.*.*:8***
I've just found out this:
Code:
# dig idbsgroup.hoptp.com
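
An added example, not part of the thread and not written by any of its posters: how the two Listen forms discussed above differ in which local addresses Apache accepts connections on. The interface addresses, the port 8080 and the function names are constructed for illustration, since the thread masks the real values.

```python
import ipaddress

# Constructed addresses; the thread masks the real ones. 203.0.113.10 stands in
# for the public address on eth0, 192.168.0.1 for the LAN address on eth1.
INTERFACES = {"lo": "127.0.0.1", "eth0": "203.0.113.10", "eth1": "192.168.0.1"}

# The two forms asked about, with 8080 as a constructed port number.
BOUND_INTERNAL = "listen 192.168.0.1:8080\n"
PORT_ONLY = "Listen 8080\n"


def parse_listen(conf_text):
    """Return (address or None, port) for every Listen directive in the text."""
    sockets = []
    for raw in conf_text.splitlines():
        parts = raw.split()
        # Directive names are case-insensitive; lines starting with '#' are comments.
        if len(parts) < 2 or parts[0].lower() != "listen":
            continue
        addr, sep, port = parts[1].rpartition(":")
        # "Listen 8080" has no address part; IPv6 is written "[::1]:8080".
        address = ipaddress.ip_address(addr.strip("[]")) if sep else None
        sockets.append((address, int(port)))
    return sockets


def reachable_on(sockets, interfaces):
    """Map each interface name to the ports Apache accepts connections on there."""
    result = {}
    for name, text in interfaces.items():
        ip = ipaddress.ip_address(text)
        ports = set()
        for address, port in sockets:
            # No address means every interface; 0.0.0.0 / :: means every
            # address of that IP version; otherwise only an exact match.
            wildcard = address is not None and address.is_unspecified \
                and address.version == ip.version
            if address is None or wildcard or address == ip:
                ports.add(port)
        result[name] = sorted(ports)
    return result


if __name__ == "__main__":
    for label, conf in (("address:port", BOUND_INTERNAL), ("port only", PORT_ONLY)):
        print(label, reachable_on(parse_listen(conf), INTERFACES))
```

A port-only Listen also accepts connections on the external interface, so the firewall policy for eth0 decides who can actually reach the server.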