firewall policy

Here I present an abbreviated explanation of the process of creating firewall and cluster objects. More detailed step-by-step guides are available in sections “Firewall Object” and “Cluster Object” of the Firewall Builder Users Guide.

{ 0 comments }

Firewall Builder Logo

This article continues mini-series started with the post Introduction to Firewall Builder 4.0. This article is also available as a section in the “Firewall Builder Cookbook” chapter of Firewall Builder Users Guide 4.0.

Firewall Builder 4.0 is currently in beta testing phase. If you find it interesting after reading this post, please download and try it out. Source code archives, binary deb and rpm packages for popular Linux distributions and commercially distributed Windows and Mac OS X packages are available for download here.

In this post I demonstrate how Firewall Builder can be used to generate firewall configuration for a clustered web server with multiple virtual IP addresses. The firewall is running on each web server in the cluster. This example assumes the cluster is built with heartbeat using “old” style configuration files, but which high availability software is used to build the cluster is not really essential. I start with the setup that consists of two identical servers running Linux but in the end of the article I am going to demonstrate how this configuration can be converted to OpenBSD with CARP.

This entry is part 1 of 4 in the series Linux Firewall Cluster Configuration with Firewall Builder v4.:

{ 7 comments }

If you’re new to Linux, here’s a simple firewall that can be setup in minutes. Especially those coming from a Windows background, often lost themselves while creating linux firewall. This is the most common question asked by Linux newbies (noobs). How do I install a personal firewall on a standalone Desktop Linux computer. In other […]

{ 6 comments }

The Internet Control Message Protocol (ICMP) has many messages that are identified by a “type” field. You need to use 0 and 8 ICMP code types. => Zero (0) is for echo-reply => Eight (8) is for echo-request. To enable ICMP ping incoming client request use following iptables rule (you need to add following rules […]

{ 24 comments }