It is not, however, intended to be a replacement for an experienced network administrator in a critical environment. If you aren't familiar with the details of setting up a firewall and you have important data you need to protect then I strongly recommend you obtain a good book on firewalls. One such is O'Reilly & Associates' Building Internet Firewalls, ISBN 1-56592-124-0. Another is Firewalls and Internet Security: Repelling the Wily Hacker, ISBN 0-20163-357-4. A good book about general security is Practical Unix and Internet Security, ISBN 1-56592-148-8. In association with Amazon.com you can order these books online.
The ipfwadm dotfile module is currently in beta release.
You can download the stable beta (0.26b 10/06/98 26kb) (via HTTP), or try a snapshot of the current development state (03/13/99 28kb) (via HTTP) if you're interested. You can also get signed MD5 checksums of the tarballs (finger jhardin@gonzo.wolfenet.com or see my home page for my public key) and view a list of changes.
You'll also need version 2.0 or greater of the Dotfile Generator (download RPMs here), Tcl/Tk, X and ipfwadm, and support for IP firewalling, the /proc virtual filesystem, IP forwarding and (optionally) IP Masquerading compiled into your kernel.
Note that you do not necessarily have to have X windows installed on the system that is doing the firewalling - it is perfectly reasonable to install TDG and Tcl/Tk on the firewall system and telnet (or, better yet, SSH) in from an X workstation that is behind the firewall.
Once you've located the dotfile modules directory, extract the ipfwadm module files from the tarball - for example:
cd /usr/local/lib/dotfile-2.2 tar zxvf /tmp/ipfwadm-dotfile-*.tgz chmod 755 ipfwadm chmod 644 ipfwadm/*
At this point you should be able to run the command dotfile and see the ipfwadm module in the list of available modules.
Disclaimer: If you're protecting critical information, do not blindly trust the firewall configuration file that this tool produces!
The Linux Webring:
[ Home |
Index |
Next |
Prev |
Random |
Stats ]
Help stop spam - join CAUCE!