Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Firewall in E-Smith ???
« previous next »
Pages: [1]   Go Down

Firewall in E-Smith ???

  • 3 Replies
  • 580 Views

Keith Clark

Firewall in E-Smith ???
« on: September 27, 2001, 12:20:34 AM »
Question:  Is there a way to use ipfw with E-Smith, or does it have the capability built in ??  If so, how is it configured.  I am familiar with ipfw.

Thanks for your help...

Keith
Logged

Greg Zartman

Re: Firewall in E-Smith ???
« Reply #1 on: September 27, 2001, 09:24:28 AM »
Someone may correct me if I'm wrong here, but I pretty sure that ipfw is the FreeBSD equivalent to ip masquerading in Linux.  Both perform firewalling functions built into the respective OS kernels.  

The Linux kernel in e-smith (SME 5.0) uses a function called ipchains to setup firewall rules and what not.  Although there is a lot of info about ipchains on the net, I think you’ll find that the Linux community is moving to iptable, the Linux Kernel 2.4 successor to ipchains.

In any event, I believe that e-smith (Mitel) has gone to some length to customize ip masquerading (ipchain rules) to protect you.  If you are wanting to block a specific port or ip address, then you’ll need to do a little research on the correct ipchain rules to invoke.  One thing to keep in mind with ipchains is that like BIND, all rules must be input and run time and are lost during reboot.
Logged

Graeme Robinson

Re: Firewall in E-Smith ???
« Reply #2 on: September 27, 2001, 09:51:46 AM »
What do you want to achieve?  IP port forwarding is doable and a contrib has been written for e-smith (see the contribs).  Do a search and you will find the answer in this forum I think. And don't forget the documenation and HOWTO contribs.  Start at www.e-smith.org and click documentation link.
Logged

Rangi Biddle

Re: Firewall in E-Smith ???
« Reply #3 on: September 30, 2001, 08:12:00 AM »
As stated by the posts already what are you trying to achieve?

E-Smith does have a firewall built in and is customised by using the server-manager.  It creates the firewall based on the options you select and allows access or disallows access based on those options.

If you do want to create a custom firewall then reading the documentation supplied is your best bet to making sure everything runs smoothly with E-Smith.  Because of the templates that E-Smith uses modifying the records manually can cause major errors.  It is however strongly suggested that you create a custom template and build your templates to reflect E-Smiths current services.

I have managed to successfully myself configure my own templates and am running everything quite smoothly.  I have enabled a few extra services of my own such as a WAP and SMS gateway which I am glad to announce runs like a charm.

Anyway if you want more advice email me at rangi@cybershed.net
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: Firewall in E-Smith ???