Firewall Setup
2009-05-13 12:51:47来源:未知 阅读 ()
Introduction
After reading this howto, a FreeBSD stateful firewall setup is
completed for either you gateway or workstation. This FreeBSD stateful
firewall setup allows traffic initiated by your workstation or network
to flow though, and denies traffic initiated from the outside. This
howto also setup the internet connection sharing with other computers
on the network. This is done by using natd and a traffic shaping
solution that ensures that each computer has a equal share of the
available bandwith. It also incorporate a dynamic traffic shaper, using
dummynet pipes and queues, that makes sure that each computer has a
equal share of the label bandwidth. Finally, the functionality can be
extended by other with my other howto's. My goal was to write an howto
about creating
traffic graphs with MRTG, IPA
and IPFW and cut in two the howto due to size.
Why have firewall protection? Computers on the internet run the risk of
being damaged or hijacked. Firewall software is a very powerful tool in
fighting this. Having firewall software doesn't mean that your safe.
You will still have to update your system in order to fix security bugs
and check for viruses. Although the later isn't much of a problem for
Unix like computers at the time of writing.
Why do traffic shaping? Computers on
the network can use the internet connection so heavy that the internet
connection sharing idea is defeated. The nat daemon still works for all
computer, but the other computers have to wait because of the load.
Traffic shaping ensures that each computer can use their fair share by
dividing the bandwidth equaly. There are a couple of different traffic
shaping configurations. The first kind is a static traffic shaper
divides the bandwidth on the computers on the network. The second kind
is a dynamic traffic shaper divides the bandwidth on the computer using
the internet connection. Finally, a priority traffic shaper is one that
gives priority to one kind of traffic over a other kind of traffic.
This howto contains a setup for a dynamic priority traffic shaping
solution that is implemented with the weighted ruby round algorithm of
dummynet. This means the final traffic shaping solution will not be a
real priority traffic shaping but it comes very close to the real
thing.
Notes
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- Freebsd oracle 10g 2009-05-13
- KDE/FreeBSD 测试 QT-4.5.1. 2009-05-13
- 提示:bad kernel: arp : 内网IP地址 is on em0 but got rep 2009-05-13
- OpenBSD 4.5下安装Gnome 2.24成功! 2009-05-13
- OpenBSD 4.5 2009-05-13
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash