Tuesday, January 09, 2018

Bonjour Linux Firewalling



Subtitle: Queen: I'm going Slightly Mad


Because Networking Hurts
Sooner or later in the life of any would-be accomplished Systems Guy (or Girl), one is forced to consider having to dive into the mysterious world of

Linux Firewalling

In Marcus' case, to make things slightly more tricky, I'm using the Mikrotik series of Linux-based routers. Whilst they use Linux, on top is a GUI product called RouterOS, and command-line configuration is not Linux standard. Potentially you might think the GUI is more friendly, at least to see what you have done!


This is apparently the Mikrotik Flow.  Anybody?

Linux Firewall Basics

https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/

https://askubuntu.com/questions/466445/what-is-masquerade-in-the-context-of-iptables

https://en.wikipedia.org/wiki/Network_address_translation

https://en.wikibooks.org/wiki/Linux_Networking/IP_Masquerade

Mikrotik Basics

The reference site to beat all others  http://tksja.com/

TKSJa Youtube Channel  (I prefer over the website)

TKSJa Firewall Tutorials


Essential Firewall Filters

https://wiki.mikrotik.com/wiki/Firewall

https://wiki.mikrotik.com/wiki/NAT_Tutorial

Greg Mikrotik Tutorials


Further Impressions Are

- It's pretty easy to make a misconfiguration step at the basic level and completely lose access to the MikroTik, so configuration backup, reset and restore is something I am expecting quite soon!

- I still have only a rudimentary understanding of what is going on :-(

- Following instructions to configure a specific function on a router is straightforward, but on a router like Mikrotik, where for example I already configured multi-WAN balanced routing, adding the necessary firewall rules in between multiple Mikrotik devices to perform routing, well, call it low expectations, but I'm sure there will be some issues!

- TKSJa is an incredible resource. My first game plan is to watch and absorb the wonderful information and teaching contained in all the videos.

- Hopefully the TKSJa videos will all come together and suddenly make sense

- Else:  Find a Mikrotik course to go on!


State Space Learning





Tron Legacy: I Got In

State Space learning is the phrase that Marcus gives to computer learning of difficult topics. It's quite simple:


A. You need a lot of time

B.  Carefully research the information sources

C. You read and watch all of them (hence state space)

D. You hope that before you get to the end that everything sort of clicks into place

I use it all the time!  Of course it's preferable to have a friendly guru to direct you, but even in these plentiful Internet days, the deeper the dive, the less that those around will understand or be able to help you.