Separate names with a comma.
Discussion in 'General' started by jr_oblika, Feb 9, 2008.
Can Elastix work as firewall ?
There is no specific capability for Elastix to act as a Firewall. However, since the system is Linux, you could implement a firewall using IP_tables.
That said, whilst it is good to have one machine perform many functions, especially from an economic sense, it is not good practice to perform the firewall function on the machine that you are aiming to protect.
You will find plenty of advice on the net and elsewhere that promotes good practice of implementing the firewall on a separate device. This could be another low end Linux system, or a firewall/router.
The platform is Centos 5 so you need to get into ipchains and configure up the firewalling rules.
I would not turn on SE Linux.
Have a look at http://www.fwbuilder.org./ for a management system.
Personally (as Bob also said) I always run a separate and dedicated firewall PC using a package such as IPCop and the CopFilter addon to have a useful and manageable system that I set and forget (mostly).
If you want an easy to get going firewall platform that is performs very well I recommend the Endian Firewall Appliance - http://www.efw.it
Idem as DStirrup, i always use a different machine to go as a firewall/router.
I use a free linux distro called BrazilFW (old coyote firewall) on a live floppy or installed on an hdd in a P166Mhz with 32Mb RAM PC.