Specifications
3
Firewall Administration System (FAS)
Firewall host name: fw-nbg
Firewall domain: example.com
As the name server, the firewall should use the internal DNS server. Then
the firewall will also know the names of the internal hosts.
Name Server IP Addresses: = 192.168.10.65
In the domain research list, both the publicly known domain as well as the
internal domain must be given.
Domain Search List: example.com
nbg-example.com
IP Filter and NAT
When configuring the IP Filter and NAT module, choose between expert con-
figuration and normal configuration. First, the standard configuration is de-
scribed.
Click ‘Configure’. The IP filter dialog is divided into four masks. Browse
through them with the tabs ‘IP Forward’, ‘Masquerading’, ‘Destination NAT’,
and ‘ICMP to Firewall’.
IP Forward
In the first half of this mask, define a forwarding rule, The following details,
also shown in Figure 3.17 on the following page, are required:
Protocol Choose among tcp, udp, and icmp.
Source Address The source address of an IP packet.
Destination Address Specify the destination IP address of the connection.
Destination Port For ‘From:’, specify the destination port. For ‘To:’, define a
range of ports.
Icmp If you have chosen icmp as the protocol, enter the required message
type here.
If you then click ‘Add’, the filter rule appears in the overview window. To
edit a rule or delete it, click the rule then the corresponding button.
Under ‘Logging’, the check box ‘Log Access Violation’ is activated by default.
53SuSE Linux – Firewall on CD2