GBdirect: Firewalling with Linux | Linux Today

Written By Web Webster
Apr 9, 2000

“Using a configuration like this it is simple to set up and
control web access for staff inside the firewall – they simply
point their browsers at the proxy on the inner firewall machine.
This setup also provides an excellent email service if wanted. …
Some organisations also choose to run the Samba software so that
the inner system can provide file and print sharing services for
Windows PCs.”

“The external connection to the Internet can be via ISDN
dial-up, using either a slot-in card on the outer proxy host or a
separate external router. If the usage grows to the point where a
permanent connection is required, there is no need to go to the
extra expense of purchasing a leased-line router; an X.21 card can
be plugged into the host instead.”

“The system is based on two machines running Linux from Red
Hat (Release 5.1). Each machine contains two Ethernet cards, and
runs both sendmail and Squid. The inner of the two machines will
accept only telnet, FTP, mail and web requests (via Squid). It
will only accept such connections from the machines on the internal
network or (optionally) from the outer machine. Telnet and FTP
requests are handled by the standard Linux telnet and FTP daemons.
Web requests are only accepted if they are directed to the squid
proxy on the inner machine. … Since the outer firewall machine is
not visible to any of the machines on the internal network web
requests are forced to go through the squid on the inner machine.
… The outer of the two machines will accept only mail delivery
requests from the outside world, thus providing protection against
unwanted connections. It will accept FTP and telnet connections
from the inner firewall machine, allowing remote maintenance of the
machine. It will also handle web requests via its own copy of
squid, thus providing web access. Mail is handled in a similar
waterfall fashion. The proxy (sendmail) on the outer machine
accepts mail for the relevant domains, but simply forwards it to
the proxy running on the inner firewall machine. In turn, this
sends the mail on to the machine(s) on the internal network that
actually handle the mail.”
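
The accept rules quoted above can be written down as data and regression-tested. This is an added example, not code from the GBdirect article or Linux Today; the addresses, the Squid port 3128 and every name in it are constructed assumptions.

```python
import ipaddress

# Constructed addressing (assumption, not from the article).
INTERNAL = ipaddress.ip_network("192.168.1.0/24")  # staff LAN behind the inner machine
INNER_IP = ipaddress.ip_address("10.0.0.2")        # inner machine, card facing the outer one
OUTER_IP = ipaddress.ip_address("10.0.0.1")        # outer machine, card facing the inner one
ANY = ipaddress.ip_network("0.0.0.0/0")            # stands in for "the outside world"

PORTS = {"ftp": 21, "telnet": 23, "smtp": 25, "squid": 3128}  # 3128 is Squid's default

def host(ip):
    """Single-address network, so hosts and networks share one rule format."""
    return ipaddress.ip_network(f"{ip}/32")

# machine -> list of (allowed source network, service); anything unlisted is refused.
POLICY = {
    # Inner: telnet, FTP, mail and Squid, from the LAN or (optionally) the outer machine.
    "inner": [(src, svc) for src in (INTERNAL, host(OUTER_IP))
              for svc in ("telnet", "ftp", "smtp", "squid")],
    # Outer: mail delivery from anywhere; FTP and telnet from the inner machine.
    # Assumption: the outer Squid serves only the inner Squid.
    "outer": [(ANY, "smtp"),
              (host(INNER_IP), "ftp"), (host(INNER_IP), "telnet"),
              (host(INNER_IP), "squid")],
}

def allowed(dst, src_ip, port):
    """True if machine `dst` accepts a connection from src_ip to the given port."""
    src = ipaddress.ip_address(src_ip)
    return any(src in net and PORTS[svc] == port for net, svc in POLICY[dst])

def audit(attempts):
    """Return the attempts whose verdict differs from the expected one."""
    return [a for a in attempts if allowed(a[0], a[1], a[2]) != a[3]]

# Constructed attempts: (destination, source IP, port, expected verdict).
ATTEMPTS = [
    ("inner", "192.168.1.20", 3128, True),   # staff browser to the inner proxy
    ("inner", "192.168.1.20", 80, False),    # web traffic that bypasses Squid
    ("inner", "203.0.113.7", 25, False),     # outside mail must stop at the outer proxy
    ("inner", "10.0.0.1", 25, True),         # outer sendmail forwarding inward
    ("outer", "203.0.113.7", 25, True),      # mail delivery from the outside world
    ("outer", "203.0.113.7", 23, False),     # telnet from outside
    ("outer", "10.0.0.2", 23, True),         # remote maintenance from the inner machine
    ("outer", "192.168.1.20", 3128, False),  # LAN client skipping the inner proxy
]
```

An empty list from `audit(ATTEMPTS)` means the rule table still matches the described design; rerun it whenever a rule is added.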

Complete Story
