Shorewall is a gateway/firewall configuration tool for GNU/Linux.
Firewall OS: CentOS 7 64-bit, with Shorewall installed on it.
Our Diagram:
- Installations:
- Install repo
yum install epel-release
- Install Shorewall
yum install shorewall -y
- SHOREWALL.CONF
vi /etc/shorewall/shorewall.conf
STARTUP_ENABLED=Yes
- ZONE
vim /etc/shorewall/zones
fw firewall
wan ipv4
lan ipv4
- INTERFACE
vim /etc/shorewall/interfaces
wan eno16777736 detect routefilter,tcpflags,logmartians,nosmurfs
lan eno33554984 detect tcpflags
- POLICY
vim /etc/shorewall/policy
$FW wan ACCEPT
lan $FW ACCEPT
lan wan ACCEPT
wan all DROP info
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
- RULES
vim /etc/shorewall/rules
To allow ping from the internet, add this line to the rules file:
Ping(ACCEPT) wan $FW
- MASQ
vim /etc/shorewall/masq
eno16777736 172.16.5.0/24
- Verify Settings and restart
shorewall check
shorewall restart
Done. All hosts on the LAN network 172.16.5.0/24 should now reach the internet via the firewall.
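Shorewall applies the first policy line that matches a source/destination pair, which is why the all/all entry has to come last. As an added example (not part of the original post), the hypothetical `lint_policy` function below checks that ordering and flags any ACCEPT policy whose source is the untrusted zone, assumed to be `wan` as in this setup; the sample file is constructed from the policy shown above.

```shell
#!/bin/sh
# Added example, not from the original post.
# lint_policy FILE [UNTRUSTED_ZONE]
# Prints findings and returns 0 when the policy file is clean, 1 otherwise.
# Assumption: the untrusted zone is called "wan" unless a second argument is given.
lint_policy() {
    awk -v untrusted="${2:-wan}" '
        /^[ \t]*#/ { next }                      # comment line
        NF == 0    { next }                      # blank line
        {
            n++
            src[n] = $1; dst[n] = $2; pol[n] = $3
            # Anything after the all/all entry is shadowed by it.
            if (catchall) {
                printf "line %d: %s -> %s follows the all/all policy and never matches\n", NR, $1, $2
                bad = 1
            }
            if ($1 == "all" && $2 == "all") catchall = 1
            # A default ACCEPT from the untrusted side opens the firewall or the LAN.
            if ($1 == untrusted && $3 == "ACCEPT") {
                printf "line %d: ACCEPT policy from untrusted zone %s\n", NR, untrusted
                bad = 1
            }
        }
        END {
            if (n == 0 || src[n] != "all" || dst[n] != "all") {
                print "last policy is not the all/all catch-all"; bad = 1
            } else if (pol[n] != "REJECT" && pol[n] != "DROP") {
                print "catch-all policy is " pol[n] ", expected REJECT or DROP"; bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample: the policy file from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
$FW wan ACCEPT
lan $FW ACCEPT
lan wan ACCEPT
wan all DROP info
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
EOF
lint_policy "$sample" && echo "policy order OK"
rm -f "$sample"
```

On the firewall itself, call `lint_policy /etc/shorewall/policy` before `shorewall check`.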