Zentyal Forum, Linux Small Business Server

Zentyal Server => Installation and Upgrades => Topic started by: Zent User on November 06, 2012, 07:17:29 am

Title: Will Firestarter create port conflicts ?
Post by: Zent User on November 06, 2012, 07:17:29 am

As Zentyal is not that much supportive to block web sites,then I tried Firestarter application in Zentyal 2.2,by using Firestarter application we can block any website irrespective of HTTP or HTTPs,but when I installed in Zentyal 2.2,Firestarter detected my ethernet cards(currently there are two cards,eth0 is external & eth1 is internal), then I selected eth0 and listed some sites to block,but immediately my internet connection gets down to client systems,where as I'm able to access internet in Zentyal server system.What might be the wrong ? Is port conflicts ? If So,how can internet is accessing in Zentyal server ?

Title: Re: Will Firestarter create port conflicts ?
Post by: ichat on November 06, 2012, 11:36:04 am

just a simple question,
if your in a car with 2 streering wheels, 1  says left the other says right,  what do you thing will happen...

if you want firestarter to work, put it in front of, zentyal not  on the same instance...
what you could do is  making a brigde between 1 if your  eth interfaces and a virtual machine...

like so...:

eth0 (unmanaged by zentyal) 
 <eth-adaptor to client bridge>   
[virtual machine (with firewall applience)]
 <virt client 2 host bridge>   
eth1 zentyal wan apdator (managed by zentyal),   
[zentyal (with what you need it to be)]
eth2 (marked as lan)
 <regular network connection> 
[switch (for internal network)]

---

bold:                          ethernet adaptor
bold+underline         applience with a function
<italic>                      network transport

Title: Re: Will Firestarter create port conflicts ?
Post by: Marcus on November 06, 2012, 12:03:52 pm

Hello,

Quote

if your in a car with 2 streering wheels, 1  says left the other says right,  what do you thing will happen...

Something very funny.  You better call me before trying this out. I want to see that!

Quote

As Zentyal is not that much supportive to block web sites

I can assure you that it is very effective.  Depending on your goal, you may be better off using squid (Zentyal's proxy) or the DNS module.

e.g.
For blocking facebook using the DNS module:
Domain: facebook.com
IP: 127.0.0.1

This will block both HTTP and HTTPS access to the website.

Quote

What might be the wrong ?

Two firewalls ain't a good idea.  Except if you fully understand both of it. Otherwise you'll have sparks and something will blow up.

You should definitely do like suggested:

Quote

put it in front of, zentyal not  on the same instance.

Best,

Marcus

Title: Re: Will Firestarter create port conflicts ?
Post by: Zent User on November 06, 2012, 12:23:05 pm

@Marcus

 Can you explain how can we block sites without using squid and by using DNS ? . I'm newbie to Zentyal and from starting onwards only focused on HTTP Proxy and Firewall.

Title: Re: Will Firestarter create port conflicts ?
Post by: ichat on November 06, 2012, 01:28:53 pm

please   rtfm (click me) (http://doc.zentyal.org/en/dns.html)

Title: Re: Will Firestarter create port conflicts ?
Post by: christian on November 06, 2012, 01:35:01 pm

This is going to be too fuzzy: Zent user started similar topic in multiple places. As a result we have now answers and debates in parallel  >:(

[moderator]
shall I lock all related topics but one so that all have debate in one unique place
[/moderator]

Title: Re: Will Firestarter create port conflicts ?
Post by: Zent User on November 06, 2012, 02:04:06 pm

Sure