Hi all,

I apologize for my frankness, and probably posting in the wrong section. It's been years since I last visited the Ubuntu forums.

I am what you would call a Debian enthusiast. For many years, I have authored an advanced how-to on developing a corporate firewall system, using freely available Debian packages, without compiling or patching. Configuration is the trick. You have to become an expert on firewall configuration methodology, the same required by Cisco or any other firewall manufacturer.

Now that I have your attention, over the past seven years or so, I have been the author and developer of an advanced debian-based firewall system, fully documented in a how-to document. It has a happy home in the Debian community, among the advanced users.

Up until now, I never considered the Ubuntu community would be interested. Quite frankly, it's not for beginners. Although I wrote it to educate the beginner, you must have a willingness to learn advanced TCP/IP routing/filtering techniques.

I'm not sure if I posted this in the right Ubuntu forum. That doesn't matter. Is the Ubuntu community ready for something like this? You have to answer that, because I honestly don't know, but I am willing to give it a try.

If your community welcomes my project, without all the drama, I would be happy to help people here develop advanced corporate firewalls for their businesses. Serious people only. This is not a beginner subject.

I have no idea what response I will get to this post. Whatever. Let's see what happens.

Here is a link to my last publicly posted how-to document: http://www.4shared.com/office/nWMRt60B/abazaba_squeeze_firewall.html

Honestly, I have no idea what response to expect. If I'm attacked and flamed, whatever, that's what I get for trying, right?

If anyone here has done the same as I have, or has seriously attempted it, then feel free to contact me.

Cheers,

Daryl

EDIT: Sorry about the above link. It required a login doh!

Download/view online on Google Docs:

https://docs.google.com/open?id=0B6gmrAuCpS-KbVVPTmgwZUZhYUU

Thread moved to Security Discussions.

Hi - I don't see any reason why it's not worth it.

You might be better doing it with a wiki at the community pages however.

I think there may certainly be interest in it, I would appreciate a look although I'm less happy about signing up to another website to download the PDF.

Would you consider emailing it to people who sent you a PM, so they can look at it and provide some feedback?

Stefan

Definitely interested.

I currently use a virtualized SmoothWall on my home network to provide all the routing and and firewall duties for my servers. I've been looking to switch this to a Ubuntu CLI system so that all my machines run the same OS.

In my testing so far I've set up basic NAT and routing capabilities, your guide sounds like exactly what I'm looking for to turn this into a proper firewall/router.

Serious people only. This is not a beginner subject.
I am a beginner,but serious. And on iptables now (sounds like I am on steroids). So very much interested.:)

Hi all,

This is not a beginner subject.




Yet your opening paragraphs say
I intentionally wrote this for the “Beginner linux user”,and
I have intentionally over-simplified this as much as possible, to help the new personThen go on to say the reader should have "a strong understanding...." of x,y,z

Seems very contradictory to me but good luck, I don't need it myself but for beginners you might want to address who it is really for.

I am not a fan of contradiction, if you don't know who you are writing for, then it is unlikely the reader will know what you are trying to say.

Cheers

Sounds interesting, but as Elfy said, it would probably be better to put it on the wiki so all can access it and the author can get feedback.

Haqking also has a point, the OP was a bit confusing.

Nitpicking.

Nitpicking.
Good point. :p

Nitpicking.

Not for beginners vs For beginners

is nitpicking ?

mmmmm

it is for one or the other, which is it

Up until now, I never considered the Ubuntu community would be interested. Quite frankly, it's not for beginners. Although I wrote it to educate the beginner, you must have a willingness to learn advanced TCP/IP routing/filtering techniques.Seems - pretty simple, OP has something he wrote for Debian community, not for beginners - but to educate them after which they aren't beginners ;)

You're first
This is not a beginner subject. comes from
this sentence


If your community welcomes my project, without all the drama, I would be happy to help people here develop advanced corporate firewalls for their businesses. Serious people only. This is not a beginner subject.I'd completely agree.

Do you know whether English is the Op's first language or do they just make a much better job of writing in English than I would French ...

Peace.

Seems - pretty simple, OP has something he wrote for Debian community, not for beginners - but to educate them after which they aren't beginners ;)

You're first comes from
this sentence

I'd completely agree.

Do you know whether English is the Op's first language or do they just make a much better job of writing in English than I would French ...

Peace.

Nitpicking ;-)


To me its contradictory

Peace

:)

Enough of that while it all gets back ontopic I think :)

:)

Enough of that while it all gets back ontopic I think :)


Agreed.

However i would point out to the OP that i dont have an issue with your content or topic and wasnt picking at that, just the parts i brought up for beginners reading it that was all.

Peace

I think there may certainly be interest in it, I would appreciate a look although I'm less happy about signing up to another website to download the PDF.
...
Or share it on Google Docs?

Or share it on Google Docs?

Whoops!!!! My bad, I didn't realize that file storage site required a login. Sorry about that.

Here it is on Google Docs, no login required:

https://docs.google.com/open?id=0B6gmrAuCpS-KbVVPTmgwZUZhYUU

You can view it online with that link.

I appreciate the kind words, and the useful feedback.

Pretty good document tbh.

There are other firewall solutions other than shorewall. M0n0wall, pfSense, etc.

I have no idea what response I will get to this post.

What exactly do you want again ?

Your paper looks ok on first skim. I also don't doubt it will 'port' to Ubuntu rather effortlessly, so people who want to build that style of firewall on Ubuntu rather than Debian could do so from the instructions without much trouble.

So the purpose of this thread is ... what ?

...
Here it is on Google Docs, no login required:
...
Thank you! :)

Whoops!!!! My bad, I didn't realize that file storage site required a login. Sorry about that.

Here it is on Google Docs, no login required:



Thanks, some light reading over the weekend.

Thanks, some light reading over the weekend.
Lol @ light reading.

I skimmed over it and it doesn't seem overly complicated to me, but some people might not see it the same way as I do.

Put this/the idea in launchpad and create a team around the project might be an idea to consider.

Hi drokmed. I actually got a copy of this pdf file a year or so back. My corporate firewall was built thanks to your work. I cannot thank you enough.

Cheers!

I don't think it is a simply a firewall. It is looking much like an IDS or IPS or something like this.

Samiux