Transparent Firewall on CentOS
Written by pnyet   
Dibawah ini adalah tutorial singkat bagaimana membuat transparent firewall atau bridge firewall di CentOS, transparent firewall bekerja pada layer 2. Bridge atau transparent firewall cenderung lebih menarik daripada firewall konvensional, didalam transparent firewall terdapat satu interface "bridge" yang digunakan untuk menggabungkan physical network interface. Nantinya didalam bridge network interface ini akan dipasang satu IP Address yang akan digunakan untuk manajemen firewall server tersebut.
Keuntungan menggunakan transparent firewall adalah "invisible mode", orang tidak akan mengetahui bahwa di top network kita terdapat firewall yang melakukan filtering terhadap paket-paket data di internet. Misalnya, ketika orang melakukan traceroute dan bila traceroute ini tidak diijinkan maka hop yang akan berhasil mereply adalah gateway di ISP tersebut, sedangkan IP address di internal network kita akan memberikan jawaban time out :D. Aplikasi yang digunakan untuk membuat transparent firewall adalah bridge-utils dan iptables yang biasanya sudah tersedia ketika default instalasi. Sebelumnya, pastikan bahwa komputer yang akan digunakan memiliki minimal 2 network interfaces yang bagus. 
 
Bagi yang belum memiliki bridge-utils silahkan menginstal melalui YUM:
 

# yum install bridge-utils
Setelah menyimpan semua konfigurasi diatas sebaiknya create dulu interface untuk bridging yang akan dinamai br0, dan kita assign eth0 dan eth1 ke bridge interface br0. 
# brctl addbr br0
# brctl addif br0 eth0
# brctl addif br0 eth1
Buat konfigurasi bridge interface /etc/sysconfig/network-scripts/ifcfg-br0:

# vi  /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0
TYPE=Bridge
IPADDR=202.10.1.7
GATEWAY=202.10.1.1
NETMASK=255.255.255.240
ONBOOT=yes

Kemudian ubah konfigurasi eth0 dan eth1

 # vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
TYPE=ETHER
BRIDGE=br0
ONBOOT=yes


/# vi etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1
TYPE=ETHER
BRIDGE=br0
ONBOOT=yes

Selanjutnya restart service network:

# /etc/init.d/network restart

Kemudian coba ping ke ip atau domain diluar, bila tidak ada masalah seharusnya reply. Ok, selanjutnya adalah membuat script iptables sebagai paket filtering nya.

 
+/-
Write comment
Name:
Email:
 
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
 
:):grin;)8):p:roll:eek:upset:zzz:sigh:?:cry
:(:x
 
Please input the anti-spam code that you can read in the image.
+/- Comments
Add New Search RSS
Anonymous   |222.174.116.xxx |11-06-2010 16:25:32
Don't complain not have beautiful appearance and stature,that is because
you need a glimpse at something beautiful.Come on,join in
our website!You will find our's fashionable Christian Louboutin,and matches with charming Herve Leger dress,now you must are very confident on your apperance.But not satistied
with this so easy,because ourwebsite also has Jimmy Choo Shoes and Manolo Blahnik Shoes which is the most popular items this year,it can bring much surprise to
you,you must have the same feeling with me,it's terrific!Don't forget
our leisure companion Vibram Five Fingers and fitness companion MBT Shoes,they are necessities in your dalily life! And more much more than ...
Reply | Quote
0 0
abi   |124.160.102.xxx |06-07-2010 10:29:48
We saw it for
balenciaga handbags a moment and then the match went I told him it would lead to his yigdrg balenciaga bags out.Our hearts burberry turned sick and cold inside us.'The devil!The murderer!I shall never
forgive myself for leaving burberry replica Sir Henry alone,'burberry handbags I whispered angrily.wyj
Reply | Quote
0 0
Anonymous   |221.6.130.xxx |09-07-2010 13:13:50
My skin's still burning from your touch goa gold. Oh I just can't get enough I gates of andaron gold. Said I wouldn't ask for much cheap goa gold. But your eyes are dangerous buy gates of andaron gold oh the thought keep spinning in my head buy goa gold can we drop this masquerade,I can't predict where it ends.
Reply | Quote
0 0
Anonymous   |125.69.137.xxx |20-07-2010 09:20:05
christian louboutin
ugg boots
ghd straightener
jordan shoes
nfl jerseys
ghd
chi flat iron

ed hardy
ed hardy shirts
ed hardy t shirts
ed hardy womens clothing
ed hardy womens
ed hardy t shirts men
ed hardy mens t shirts
ed hardy kids
ed hardy for kids
kids ed hardy shirts
p90x reviews
Reply | Quote
0 0
yuyangguoji  - lw   |222.174.116.xxx |20-07-2010 12:34:36
I firmly believe you need the Action Adventure with reasonable price that with the high quality,and we will let your
dream come true,a bloody cool boy is born with our mbt boots in the crowd.So don't hesitate,just come to our online shop to catch the
opportunity once in the blue moon,to pick up and buy our workout dvd,a wide range from mbt boots,sport shoes and wholesale mbt to p90x fitness.Of course we are sure you will not miss our fantasy cheap video.
Men MBT M.Walk shoes,cheap MBT M.Walk shoes,cheap Women MBT M.Walk shoes,cheap Men MBT M.Walk shoes,MBT Lami shoes,cheap MBT Lami shoes,MBT Lami shoes sale,MBT Lami shoes for sale,cheap MBT Lami shoes sale,MBT Sport Shoes,cheap MBT Sport Shoes,MBT Spor...
Reply | Quote
0 0
yuyangguoji  - lw   |222.174.116.xxx |20-07-2010 12:43:55
I firmly believe you need the Action Adventure with reasonable price that with the high quality,and we will let your
dream come true,a bloody cool boy is born with our mbt boots in the crowd.So don't hesitate,just come to our online shop to catch the
opportunity once in the blue moon,to pick up and buy our workout dvd,a wide range from mbt boots,sport shoes and wholesale mbt to p90x fitness.Of course we are sure you will not miss our fantasy cheap video.
Men MBT M.Walk shoes,cheap MBT M.Walk shoes,cheap Women MBT M.Walk shoes,cheap Men MBT M.Walk shoes,MBT Lami shoes,cheap MBT Lami shoes,MBT Lami shoes sale,MBT Lami shoes for sale,cheap MBT Lami shoes sale,MBT Sport Shoes,cheap MBT Sport Shoes,MBT Spor...
Reply | Quote
0 0
babydoll     |120.36.36.xxx |20-07-2010 13:45:40
Now lots of people buy adult *** product to improve *** life high stocking,we supply all kinds of adult *** product Long Lady Stocking,because we are manufacture and have our factory women stocking,our product are all safe and wholesale wife babydoll,welcome to visit our store pijamas,all kinds of adult *** product for female and male open bust babydoll, you will buy your love *** product from our store Strap on dildos,adult *** product will greatly improve the quality of your *** life stocking online,*** life is very important baby doll nighties,*** life is harmonious babydoll costumes,the life is happies Wholesale Long Stocking,you can introduce your family and friend to visit our store Finger vibrators,best wi...
Reply | Quote
0 0
Muslim Items   |61.154.6.xxx |29-07-2010 16:19:04
298274818336917502974 From the official Muslim Abaya website of anticipated Muslim Items Star Wars The Muslim hijab Old Republic comes Islamic abaya this new video where the Muslim scarf game designers Buy Muslim Abaya tell us a little about Cheap Muslim Abaya the 2 different Buy Muslim Items classes find Sith characters Cheap Muslim Items in the game, The Islamic hijab Inquisitor Sith Islamic scarf and Sith Warrior. They explain a lot of Islamic Items pictures as designed Muslim wear these characters and Muslim clothing their characteristics Muslim wear Pas Cher one more devoted Muslim wear to the use of force Muslim clothing powers and one more Muslim Items For Sale dedicated to close combat.
Reply | Quote
0 0

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."
 
[ Back ]

Yahoo Chatt

Blogroll

Dhanuxe
fl3xu5
Kamas Muhammad
Irving Nazmi
Masterpop3
Melwin
Ozie
P. Nanang Sg.
Pataka
Republik Blogger
Yogie
Yusuf Hadiwinata
Vavai

Community

CentOS ID
ECHO
Forum Linux
Kecoak Elektronik
Linux Questions
OS Commerce's Forum
Security Focus
Zimbra ID

Security Advisories

ECHO
IPSecs
Milw0rm
mod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_counter
mod_vvisit_counterToday71
mod_vvisit_counterYesterday175
mod_vvisit_counterThis week652
mod_vvisit_counterThis month4250
mod_vvisit_counterAll186766

My Google Page Rank

My Google Page Rank