« Restore Data
Pulang »

Shorewall – Shoreline Firewall

Last week, i’ve tried to install a software based firewall on Ubuntu. It used to simulated network segmentation for access and security. For this security simulation test, I’ve chosed a software based firewall called Shorewall and use virtual workstation using VirtualBox. Shorewall was installed on my laptop as VirtualBox host PC. And for client and server, I used 2 virtual Windows XP Operating System.

The Shoreline Firewall, more commonly known as “Shorewall”, is high-level tool for configuring Netfilter (the packet filter facility builtinto the 2.4 and later Linux kernels). You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and with the help of the iptables, iptables-restore, ip and tc utilities, Shorewall configures Netfilter and the Linux networking subsystem to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter’s ipchains compatibility mode and can thus take advantage of Netfilter’s connection state tracking capabilities.

Shorewall use zone concept firewall, it’s means that shorewall views the network where it is running as being composed of a set of zones. Shorewall has a default policy that all defined rules should based on it. That default policy ruled out all of zone that defined before. All other main feature that included on Shorewall is:

  • Uses Netfilter’s connection tracking facilities for stateful packet filtering.
  • Can be used in a wide range of router/firewall/gateway applications.
  • Supports centralized firewall administration
  • Flexible address management/routing support
  • and much more as listed on the official site

And maybe i’ll post my test result for this Shorewall Configuration that separate 2 network segment. cekidot aja yah… :D

Tags: , , , , , ,

This entry was posted on Saturday, November 28th, 2009 at 10:58 and is filed under internet, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Related Post:
  • » Ready for Mobile Access
  • » Cloud Computing
  • » Kriptografi Simetris pada Smart Card
  • » Finally, Welcome FLASH .. Bye IM2
  • » Hacked
  • » Shorewall Installation
  • » SSL: Securing Your Web Server
  • » Nyobain Google Chrome for Linux
  • » Google Buzz Hadir Hari Ini
  • » A brief overview of Firewalls

    • 2 Responses to “Shorewall – Shoreline Firewall”

    1. Shorewall Installation | satriapermana[dot]net says:
      January 6, 2010 at 13:00

      [...] all, continuing from last post about Shorewall now I’ll try to tell you all about how to install it. This installation consist of 2 [...]

    2. Firewall: DROP vs REJECT | satriapermana[dot]net says:
      January 11, 2010 at 12:48

      [...] a packet reaches the firewall, it is run against a set of rules. These rules may rely on existing state (eg. to match existing or [...]

    Leave a Reply