Configure Linux firewall with FWTK
From;    Author:Stand originally
FWTK (the Firewall Toolkit) is a set of tools for building and maintaining a firewall for an internal network. It contains a number of independent components, most of which are application proxies, such as Telnet, FTP, Rlogin, Sendmail, HTTP and X Windows. Compared with similar software such as Squid and Socks, its outstanding advantage is that it can not only define access rules by the host name and IP address of the source and the destination, but can also permit or deny particular commands according to the operation being performed, which makes full use of the strengths of an application gateway. This article uses Telnet as an example to show how to configure a proxy server on a Linux firewall with FWTK.
System environment and design goals
System environment: Red Hat Linux 6.1, FWTK V2.1, two network cards (one for the external network, one for the internal network). 192.9.200.* is the external network and 10.1.1.* is the internal subnet.
Design goals:
● Users on the internal network can Telnet to any external host;
● Users on the external network can Telnet to an internal host only after they have been authenticated;
● Only 10.1.1.5 is allowed to Telnet to the firewall host itself (used for remote management);
● All users going through the firewall proxy may use only ordinary-user privileges;
● The timeout is set to 300 seconds;
● The prompt messages shown on the firewall can be written by the administrator.
Installing FWTK
1. Create the directory /home/fwtk, copy fwtk.tar.z into it, and unpack the archive: tar xzvf fwtk.tar.z.
2. Prepare to compile:
● Replace Makefile.config with Makefile.config.linux;
● Remove the # in front of the AUXLIB=-lcrypt line in Makefile.config;
● In auth/Makefile, on the CFLAGS=-I... line, add -I/usr/include/db1 after $(COPT).
3. Compile: make.
4. Install: make install. By default all executable files are installed in the /usr/local/etc directory.
Creating the configuration files
1. Configure /etc/services. Add a port number for the Telnet proxy (abbreviated tn-gw): tn-gw 3333/tcp
2. Configure /etc/inetd.conf. Move the normal Telnet service to port 3333 and have the Telnet proxy listen on port 23 (the high port protects the normal Telnet service; netacl is the TCP wrapper program that FWTK provides, similar in function to tcpd):
telnet stream tcp nowait root /usr/local/etc/tn-gw tn-gw
tn-gw stream tcp nowait root /usr/local/etc/netacl in.telnetd
Run the command killall -HUP inetd to make the changes take effect.
3. Configure /usr/local/etc/netperm-table (the contents of the .txt files are written by yourself, but they must be consistent with the Directory setting):
● The part that controls logging in to the firewall host itself (normal Telnet):
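
The port swap in steps 1 and 2 protects the real Telnet daemon only if port 23 runs tn-gw and in.telnetd is started solely through netacl; the shell function below checks exactly that. It is an added example, not part of the original article: the function name check_tn_gw_wiring and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the tn-gw wiring from steps 1 and 2 of the article.
# Usage: check_tn_gw_wiring SERVICES_FILE INETD_CONF
# Prints one line per problem; returns 0 when the wiring matches the article.
check_tn_gw_wiring() {
    services=$1 inetd=$2 rc=0

    # Step 1: the tn-gw service name must map to 3333/tcp.
    awk '$1 == "tn-gw" && $2 == "3333/tcp" { ok = 1 } END { exit !ok }' "$services" ||
        { echo "services: tn-gw 3333/tcp missing"; rc=1; }

    # Step 2: inspect every active (uncommented) inetd.conf entry.
    # Fields: service socket proto wait user server-path argv0 ...
    problems=$(awk '
        /^[ \t]*#/ || NF < 7 { next }
        { n = split($6, p, "/"); prog = p[n] }
        $1 == "telnet" { seen_telnet = 1
            if (prog != "tn-gw") print "inetd: port 23 (telnet) runs " prog ", not tn-gw" }
        $1 == "tn-gw" { seen_gw = 1
            if (prog != "netacl" || $7 != "in.telnetd")
                print "inetd: tn-gw port must run netacl in.telnetd" }
        # A real telnetd started directly is not filtered by netacl.
        prog == "in.telnetd" { print "inetd: " $1 " starts in.telnetd without netacl" }
        END {
            if (!seen_telnet) print "inetd: no telnet entry for the proxy"
            if (!seen_gw) print "inetd: no tn-gw entry for the real telnetd"
        }' "$inetd")
    if [ -n "$problems" ]; then echo "$problems"; rc=1; fi
    return $rc
}

# Constructed sample input mirroring the two inetd.conf lines in step 2.
demo_dir=$(mktemp -d)
printf 'tn-gw 3333/tcp\n' > "$demo_dir/services"
printf '%s\n' \
    'telnet stream tcp nowait root /usr/local/etc/tn-gw tn-gw' \
    'tn-gw stream tcp nowait root /usr/local/etc/netacl in.telnetd' \
    > "$demo_dir/inetd.conf"
check_tn_gw_wiring "$demo_dir/services" "$demo_dir/inetd.conf" && echo "wiring OK"
rm -rf "$demo_dir"
```

On a live firewall, pass /etc/services and /etc/inetd.conf as the two arguments after running killall -HUP inetd.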