This article continues mini-series started with the post Introduction to Firewall Builder 4.0. This article is also available as a section in the “Firewall Builder Cookbook” chapter of Firewall Builder Users Guide 4.0.
Firewall Builder 4.0 is currently in beta testing phase. If you find it interesting after reading this post, please download and try it out. Source code archives, binary deb and rpm packages for popular Linux distributions and commercially distributed Windows and Mac OS X packages are available for download here.
In this post I demonstrate how Firewall Builder can be used to generate firewall configuration for a clustered web server with multiple virtual IP addresses. The firewall is running on each web server in the cluster. This example assumes the cluster is built with heartbeat using “old” style configuration files, but which high availability software is used to build the cluster is not really essential. I start with the setup that consists of two identical servers running Linux but in the end of the article I am going to demonstrate how this configuration can be converted to OpenBSD with CARP.
This entry is part 1 of 4 in the series Linux Firewall Cluster Configuration with Firewall Builder v4.:
Lighttpd supports both IPv6 and IPv4 protocol out of box. You need to compile lighttpd with IPv6 support. This small how to explains how to enable both IPv6 and IPv4 support under GNU/Linux / UNIX and FreeBSD operating systems.
If you need to calculate subnet under Linux use an IP Netmask/broadcast calculator called ipcal. You can calculate IPv4 or IPv6 address. Supported features:
=> Multiple address and netmask input formats.
=> Retrieving of address information from interfaces.
=> Classfull and CIDR output.
=> Multiple address and netmask output formats (dotted quad, hex, number of bits).
=> Output of broadcast address, network class, Cisco wildcard, hosts/range, network range.
=> Output of multiple types of bitmaps.
=> Output of a user-defined number of extra networks.
=> Multiple networks input from commandline.
=> DNS resolutions of hostnames.
=> Compressed and expanded input addresses.
=> Compressed and expanded output.
Continue reading “Linux Calculating Subnets with ipcalc and sipcalc Utilities”