Ok, I want to build a website of course and usually I would pay for hosting
via an outside organization such as Aplus.net and the like. However, I
simply wanted to host my own site by setting up my own Linux based web
server and run it as a Virtual Machine rather than dedicating another
physical machine to serve this purpose.
Right now I'm running Ubuntu server 12.04 x64 in Virtual Box. I've changed
the network settings in Virtual Box from NAT (default) to Bridged thus
sharing my interface as you mentioned.
So now, the VM carries an ip address assigned by the router which follows
the 192.168.x.x format. I've created an extra account for my friend so
that he can access the web server via SSH. I, of course, had to forward
port 22 to the VM's ip as well as port 80.
With this current configuration, shorewall serves no purpose as the
router's firewall is handling all of the incoming/outgoing traffic. Rather
it will once the site goes "live".
Now, this configuration may be fine, I'm not sure. I did, however, wish to
possess more control over the traffic coming in and going out as well as be
able to setup specific rules in the future if need be. I can do this with
Shorewall's functionality but the router I am currently using does not
allow for much. It's very basic...
However, perhaps the way things are setup now will be just fine. Or would
you recommend that I use Shorewall instead of my router's firewall as well?
I can provide you with more detailed information if you need it. Settings
in VirtualBox, router config, etc, etc...
Thanks again!
PAIN
On Thu, Sep 6, 2012 at 6:10 PM, Tom Eastep <[email protected]> wrote:
> On 9/6/12 1:27 PM, David Burton wrote:
> > Hi Tom,
> >
> > Yes, Shorewall is starting correctly. I ran "shorewall status" (all was
> > good). I ran "shorewall clear" and then restarted "shorewall start".
> >
> > All seems to be well there...
> >
> > So, it seems shorewall is up and running just fine....
> >
> > One thing to note, is that I am running my server as a VM (virtual
> > box). The VM is sharing my network adapter and thus acquiring an IP via
> > DHCP from my router. (In the current configuration with ports 80 and 22
> > forwarded).
> >
> > This config works but again, the alternative config (DMZ) is desired.
> >
> > What can we try now Tom?
>
> Explain your configuration and exactly what you are trying to do.
> Because right now I'm lost. Depending on you the VM is sharing your
> interface, Shorewall on the host will have no control over server
> traffic at all.
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
--
David Burton
IT Consultant
600 North St.
Anderson, SC 29621
864-650-3954
[email protected]
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
