Installing and setting up Turtle Firewall is very easy because it uses the Webmin administration module, which is available on most Linux platforms.
1. If you did not install the Webmin administration module during your OS installation, you will need to in order to use Turtle Firewall. Locate and run the RPM, which should be on most Linux distributions disks. Click on the RPM file and it will install automatically.
2. Once that is done, you should be able to log into your firewall’s configuration screen by putting its IP address in your browser window and pressing Enter.
3. Now you are ready to install Turtle Firewall. Download the packed distribution from www.turtlefirewall.com or get it from the CD-ROM that comes with this book and unzip it.
4. Change to the turtlefirewall directory and type:
This runs an installation script that puts the Perl modules and other things that are needed in the right places.
5. Log into the Webmin server using a Web browser pointed at the IP address or host name the server is using. The Webmin interface will display.
6. Click the Module Index tab, and the Turtle Firewall Main screen displays (see Figure 3.3).
First you will need to define some basic things about your firewall (see Figure 3.4). Turtle Firewall uses the concept of zones to define trusted and untrusted networks. A trusted zone connects to a network with employees or people who should generally be trusted on it, such as your internal network. An untrusted zone is a network that could have anything on it, from employees to customers, vendors, or even people with malevolent intentions. Turtle calls them “good” and “bad,” but it is basically the same thing as trusted and untrusted.
8. Next you need to define your internal network IP addresses in the Net box. Put the IP address range with subnet mask for your internal LAN to be protected by the firewall in the box provided (see Figure 3.4).
9. Next, define any internal or DMZ hosts that will need special consideration, such as your mail server or Web server. Do this in the Hosts box (see Figure 3.4).
10. Finally, you can define any special hosts that you want to treat differently, such as administrators, in the Group area. Now your firewall is up and running in basic mode.
SmoothWall Express contains several options beyond Iptables that most companies would want in a fully functional firewall. Granted, you can cob most of these together with other programs and Iptables, but SmoothWall offers it all in one program in an easy to install package. Some of these features are:
- VPN support: SmoothWall integrates an IPsec VPN with firewall capabilities. This allows people on the outside to securely access the local area network via an encrypted tunnel. This can be a fixed remote office or a roaming salesperson (nonstatic IP VPN is only supported in the corporate edition).
- DHCP client and server: The client allows the firewall to get a dynamic IP address for its WAN interface. This is common practice on DSL and cable modem ISP service. It also allows the firewall to act as a DHCP server for the internal LAN, handing out IP addresses according to a preset policy. Again, you can add these things to an Iptables firewall, but then you have two separate programs to install and manage.
- SSH and Web access to firewall: Secure access via command line and a Web browser. The Turtle Firewall gives this capability for Iptables but doesn’t allow SSH access. SmoothWall has both built in with no additional software to install.
- Web proxy server: The ability to set up a Web proxy so that all Web sites are accessed through a firewall. This provides some level of Web security, since any exploits would have to run on the firewall and not the local machine. It can also allow for further protection through a content filtering option available from SmoothWall Limited.
- Web caching server: This feature stores the most popular Web pages for local access so that access times are improved and bandwidth usage is lowered.
- Intrusion detection: SmoothWall offers some basic network intrusion detection capabilities.
- Graphs and reports: SmoothWall allows you to run some simple reports on firewall activity and generate graphs based on this data.
- Support for additional connection types: SmoothWall supports many types of interfaces including dial-up, cable, ADSL, ISDN, and Ethernet. Some of these interfaces require additional software and configuration when supported under Ipchains.
One major difference between SmoothWall and the programs mentioned earlier is that SmoothWall needs to run on a dedicated machine. When you install SmoothWall, it wipes everything off the hard disk and installs its own operating system. This is basically a stripped down and hardened version of Linux, but you don’t have to know anything about it to run your SmoothWall firewall. This means you won’t be able to run any other tools on that machine or use it for anything else (at least not without a lot of hassle and the potential of breaking the SmoothWall software), so it may not be the right fit for everyone. But if you are looking for a cheap and quick way to set up a turnkey firewall with a lot of features, SmoothWall may be right for you.
blog comments powered by Disqus