By Manny Fernandez

March 5, 2019

banner

IPTable Firewall GUI

In 2000, I started a company named ITsecur. We created a Linux based firewall running the following:

IPTables – Firewall
In-line Snort – IDS/IPS
StrongSWAN – IPsec VPN (mostly site-to-site)
OpenVPN – Remote Access VPN and Site-to-Site VPN
Dan’s Guardian – Web Content
SQUID – Proxy Services
SPAM Assassin – AntiSPAM
Zebra – Routing
Webmin – Management GUI

It was a very enjoyable time for me because we were creating something that very few were doing at the time; Managed Security Services. We bought some headless boxes out of China through a company named Nexcom. There were two different versions (Rack mountable and desktop). We had a sticker created with the TM’d name ’Safe-T-Net’.

What we did for this project was to get the best of Checkpoint, Cisco, and other firewalls (including Fortigate) that were prevalent at the time. After selling the company, I opened up the webmin module to the world. It is available on the Webmin website under third-party modules. You can run it today.

Disabling, Deleting FWD and installing IPTables

Stop the Firewall
systemctl stop firewalld

Disable the firewall
systemctl disable firewalld

Check Status
systemctl status firewalld

 

Installing Webmin on CentOS

sudo vi /etc/yum.repos.d/webmin.repo
[Webmin] 
name=Webmin Distribution 
Neutral#baseurl=https://download.webmin.com/download/yummirrorlist=https://download.webmin.com/download/yum/mirrorlistenabled=1
sudo rpm --import http://www.webmin.com/jcameron-key.asc

Now you can log into the Linux box by browsing to https://%your-ip%:10000. (That is :10000 at the end)

Firewall Configuration

First things first. By selecting the ‘gear’ icon on the top left of the module, you will see the following:

Here you can define if the firewall will be part of the ‘any` rules. That is, if you define a rule that says permit ssh to any, without selecting this, it would include the firewall. Additionally, you can set:

Autobackup Directory – Where on the FW HDD do you want to store the backup configs
Ask for confirmation – When saving rule changes, it would ask you ‘are you sure’ by default.
Logs to show – How many logs will be displayed (similar to pager command in Cisco)
Seconds between refresh – Refresh rate for the logs
From address – Who the emails will come to you from

Here is the main screen. It will give you access to the main functions of the firewall. Policies (or rules), Service Objects, Hosts and Networks, Logging, NATing etc.

Under the firewall rules, you will see the concept, familiar with Fortigate’s today, of the matching interfaces. From here, you can choose existing address objects or create new ones on the fly. You can choose services, if you want to log, and the position of the rules.

Under the Hosts and Networks, you can create a name for a group and selct the addresses that will be part of the group or just add one address/network. You can also do ‘negate’ which will mean anything except what is negated.

Here you can define the NATs and even the ‘no nat’ between certain networks.

For role based access control, you can create a user and give them access to any portion of the firewall config. Also the ‘trusted hosts’ (again, similar to Fortigates).

Under the ‘backup configuration’ you can schedule a backup, send it via FTP, send it via email and save it locally. You can choose any part of the configuration. It also has the ability to password protect the backup.

You can set up a Linux box running Webmin and point the firewalls to it. This will include changes made to rules and who made them among other things.

The restore functionality, allows you to restore all or partial portions of the firewall.

Under the services tab, you can choose from a myriad of pre-defined services or create your own.

Finally, some basic DoS mitigation.

To get the module, go to the following link and choose the following:

I hope this helps out.

Leave a comment

Your email address will not be published. Required fields are marked *

Recent posts