ip6tables: IPv6 Firewall For Linux

in Categories , , , , , , , , , , , last updated July 27, 2010

Q. IPv4 by default protect internal host using RFC 1918 private IP address. But IPv6 offers direct global address which result into exposing all internal hosts as well. How do I create default IPv6 firewall to drop all incoming (except ping6 request) connection and only allow outgoing requests from Linux workstation?

Linux Demilitarized Zone (DMZ) Ethernet Interface Requirements and Configuration

in Categories , , , , , , , , last updated January 2, 2008

Q. Can you tell me more about Linux Demilitarized Zone and Ethernet Interface Card Requirements for typical DMZ implementation? How can a rule be set to route traffic to certain machines on a DMZ for HTTP or SMTP?

A. Demilitarized zone, used to secure an internal network from external access. You can use Linux firewall to create DMZ easily. There are many different ways to design a network with a DMZ. The basic method is to use a single Linux firewall with 3 Ethernet cards. The following simple example discusses DMZ setup and forwarding public traffic to internal servers.
Continue reading “Linux Demilitarized Zone (DMZ) Ethernet Interface Requirements and Configuration”