In the past I've already published articles and interviews on FSM about Firewall Builder (or FWB in short). During these years I've not been using the tool regularly since I am not a Network Administrator. But I can say that every time I had a firewalling problem at hand, where I needed to prototype and test iptables configurations quickly, this tool never betrayed me! The reason is simple: the tool kept evolving over the years, improving the features it already had and adding interesting new ones.

This time we'll talk about how FWB helps you to configure multiple firewalls in a consistent way. We won't be talking about firewalling per se, so you can still benefit from reading this article even if you don't have deep firewalling, networking or security knowledge.

The examples in this article are based on Firewall Builder v4.2. NetCitadel recently announced the release of Firewall Builder 5 which includes some minor changes in the GUI, so some screenshots in this article may look slightly different from what you would see in v5.

What is Firewall Builder?

Firewall Builder is a program that simplifies the management of firewall rules for a wide range of operating systems and hardware firewall devices. The list is quite long, and you can find more on its website.

FWB helps you to configure multiple firewalls in a consistent way

Broadly speaking, FWB is both a graphical interface (GUI) and a set of compilers. You define your rules in the GUI, and a compiler generates scripts from them for the chosen platform. In fact, the same set of rules may be used to generate scripts for iptables, ipfilter, or (e.g.) Cisco devices.

FWB provides a handy library of objects for commonly used entities in firewall rules (e.g.: private address ranges, well-known IP and network addresses, as well as protocols). These standard objects may be extended by the user with new objects, or by grouping together existing objects in new ones. Firewalls are also objects, so you can manage many firewalls in the same interface, and share objects between them. This, as we'll see, is an unexpectedly powerful feature.

FWB saves all these entities (objects and firewalls) in an XML file using the ".fwb" extension. Corruptions in fwb files may be corrected using a simple text editor such as gedit (eh, yes, that happened to me a few times).

In the project I was working on, we had a number of machines in two different datacenters. Each machine should run a host firewall.

A firewall-wise classification of the servers was easy to do: there was a general set of rules which held for all servers, namely:

- any traffic through the loopback interface should be allowed.
- any outgoing traffic on physical interfaces should be allowed; besides, incoming packets related to these outgoing connections must be allowed.
- a selection of incoming ICMP traffic should be allowed (only ICMP packets with well-defined type/code combinations).
- all incoming traffic from directly attached networks, the other datacenter, and a selected set of our company's networks should be allowed.
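As an added example (not from the original article or the Firewall Builder project), the script below checks an `iptables-save` dump against the general rule set the article lists for all servers, so the same baseline can be verified on every host after the generated scripts are deployed. The function name `audit_baseline`, the sample dumps and the documentation-range addresses are constructed for illustration, and it assumes rules are spelled the way `iptables-save` normally prints them.

```shell
#!/bin/sh
# Audit an iptables-save dump (stdin) against the baseline host policy.
# Assumption: rules are spelled the way iptables-save normally prints them.

audit_baseline() {
    dump=$(cat); fail=0
    need() {  # need <description> <regex that some line must match>
        printf '%s\n' "$dump" | grep -Eq -- "$2" || { echo "MISSING: $1"; fail=1; }
    }
    deny() {  # deny <description> <regex that no line may match>
        printf '%s\n' "$dump" | grep -Eq -- "$2" && { echo "TOO BROAD: $1"; fail=1; }
        return 0
    }
    need "INPUT default policy DROP"    '^:INPUT DROP'
    need "OUTPUT default policy ACCEPT" '^:OUTPUT ACCEPT'
    need "loopback accept"              '^-A INPUT -i lo -j ACCEPT$'
    need "accept replies to outgoing connections" \
         '^-A INPUT .*(--ctstate|--state) (RELATED,ESTABLISHED|ESTABLISHED,RELATED) -j ACCEPT$'
    need "at least one typed ICMP accept" \
         '^-A INPUT -p icmp .*--icmp-type [^ ]+ -j ACCEPT$'
    deny "ICMP accepted without --icmp-type" '^-A INPUT -p icmp -j ACCEPT$'
    deny "unconditional ACCEPT on INPUT"     '^-A INPUT -j ACCEPT$'
    return $fail
}

# Constructed sample dumps (documentation-range addresses, not from the article).
GOOD_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -j ACCEPT
COMMIT'
# Drifted host: policy left at ACCEPT, ICMP wide open, no loopback rule.
BAD_DUMP='*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
COMMIT'

printf '%s\n' "$BAD_DUMP" | audit_baseline || echo "host deviates from baseline"
```

On a real host, pipe the output of `iptables-save` into `audit_baseline`; a non-zero exit status means the running rules have drifted from the shared baseline.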