Table of Contents
Advertisement
• Required Software:
[OS] Linux2.4.21 (or later)
(The Linux Kernel Archives: http://www.kernel.org/ )
[ebtables + br-netfilter (kernel patch)] ebtables-brnf_vs_2.4.21.diff.gz (or later)
(ebtables: http://ebtables.sourceforge.net/ )
• Kernel settings:
[Code maturity level options]=[Prompt for development and/or incomplete code/drivers] : ON
[Network Options]=[Network packet filtering (replaces ipchains)]
[Network Options]=[IP: Netfilter Configurations]
[Network Options]=[802.1d Ethernet Bridging]
3 To set the bridge, change the IP address, netmask, default root, and interface name in
/opt/f-secure/fsigk/misc/rc.bridge and launch the bridge as a startup script.
You need the brctl command to set the bridge. If it is not available, install a package which
includes the brctl command (for example, the "bridge-utils" package).
If a subnet exists under the network structure, apply routing settings as needed.
# cp /opt/f-secure/fsigk/misc/rc.bridge /etc/rc.d/init.d/bridge
# /etc/rc.d/init.d/bridge start
# chkconfig --add bridge
Check that communication works between interfaces (eth0,eth1) on both sides.
4 Change the access destination of the client to FSIGK:9110. Do it on the server at the access
destination by changing iptables on Internet Gatekeeper.
Next, run the following commands to redirect the server access to each service (http(80), smtp(25),
pop(110), ftp(21)) to 9080, 9025, 9110, 9021 of FSIGK.
FSIGK# iptables -t nat -A PREROUTING ¥
-p tcp --dport 80 -j REDIRECT --to-port 9080
FSIGK# iptables -t nat -A PREROUTING ¥
-p tcp --dport 25 -j REDIRECT --to-port 9025
FSIGK# iptables -t nat -A PREROUTING ¥
-p tcp --dport 110 -j REDIRECT --to-port 9110
FSIGK# iptables -t nat -A PREROUTING ¥
-p tcp --dport 21 -j REDIRECT --to-port 9021
Save the settings by running the following command:
FSIGK# /etc/rc.d/init.d/iptables save
F-Secure Internet Gatekeeper for Linux/Administrator's Guide
You can make iptable setting changes also by running the following command:
/opt/f-secure/fsigk/misc/rc.transparent
: ON
: Set all ON
: ON
115
Advertisement
Table of Contents
Related Manuals for F-SECURE INTERNET GATEKEEPER FOR LINUX 4.01
Related Products for F-SECURE INTERNET GATEKEEPER FOR LINUX 4.01
- F-SECURE LINUX SECURITY
- F-SECURE ANTI-VIRUS - FOR MICROSOFT EXCHANGE
- F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 6.62 -
- F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 7.10 -
- F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 -
- F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 9.00
- F-SECURE ANTI-VIRUS FOR MIMESWEEPER -
- F-SECURE Anti-Virus for Windows Servers
- F-SECURE ANTI-VIRUS FOR WINDOWS SERVERS 9.00
- F-SECURE ANTI-VIRUS LINUX CLIENT SECURITY -
- F-SECURE CLIENT SECURITY 7.00
- F-SECURE CLIENT SECURITY 9.00 - QUICK
- F-SECURE CLIENT SECURITY 9.01 - S
- F-SECURE Internet Gatekeeper
- F-SECURE INTERNET GATEKEEPER WINDOWS 2000-2003 SERVER 6.61 -
- F-SECURE LINUX SECURITY 7.02
Need help?
Do you have a question about the INTERNET GATEKEEPER FOR LINUX 4.01 and is the answer not in the manual?
Questions and answers