howto: HSHR – Firewall Transparente – Edição de 2009

Olá a todos,

Como referi no blog, mudei recentemente de operador de TV, o que me levou a fazer umas modificações na rede e na forma que efectuo o controle do meu tráfego.

Lembrando que necessitava que todo o trafego, a exepção da IPTV, fosse contabilizado, tinha forcosamente que ter apenas um ponto de passagem de todo o meu trafego.

Assim sendo,  optei pela utilização de uma firewall transparente. O conceito é relativamente simples e é descrito pelo desenho abaixo:


O HW utilizado é o mesmo de sempre (routerboard 564 com daugtherboard), a correr uma versão de openSUSE 11.1, com várias mas simples modificações e para controle das Iptables, o belo do GUI da Firewall Builder.

Links uteis:

Firewall Build How TO

OpenSUSE How TO – Atenção que neste exemplo só se utiliza a parte de configuração das interfaces de rede. A parte de firewall é para ignorar pois iremos utilizar o GUI da FWbuilder cujo link se encontra acima referido.

Nuno Higgs
IT Linux Architect at Ageas Portugal
A meticulous and self-motivating person with the ability to work consistently, under pressure and on own initiative,

Strong technology background in integration and support, professional services solutions and consulting, process management and process improvement.

– Strong and self-driven “Make it happen” attitude.
– Proven Project Management in a wide variety of business applications
– Large knowledge of IT solutions with certifications in all major computer technology and consulting corporations
– Proven ability to understand enterprise wide issues and to structure innovative solutions
– Confirm experience in integrate solutions that provide support to IT decision in the way of organizations achieve their business goals.
– Experience in understand client needs, solution proposal alignment, and contract negotiation
– Knowledge of the latest trends in the IT industry.
– Out of the box thinking, with great creativity to resolve difficult IT problems.
– Team Empowerment and make it happen attitude motivator.

Good team spirit and a great spirit of initiative.

I like to empower others to achieve the team’s final goal that is full Customer satisfaction.

I am always searching for professional and personal challenges. Very business driven and highly critical with every aspect, searching the best approach to every problem.

I consider myself an IT enthusiast, so i keep working my way towards new information technologies challenges like risk assessment, ISOs compliance, cloud interactions e possibilities, business continuity procedures and related subjects.

Specialties:

Unix System Administration
Linux System Administration
Team Leadership
Team Development
Talent Managment
Out-of-the-box thinking for problem solving.