We're starting with a running Debian 6.0.3 box fully configured. This particular box is running shorewall in a Three-Interface Firewall configuration. SSH is running on all "networks", and DHCP is running on the local network.
$ sudo aptitude install nagios3
This will install apache web server using a default config from the upstream packager
$ sudo vim /etc/shorewall/rules ############################################################################################################# #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK # PORT PORT(S) DEST LIMIT GROUP # # Accept DNS connections from the firewall to the Internet # DNS/ACCEPT $FW net # # # Accept SSH connections from the local network to the firewall and DMZ # SSH/ACCEPT loc $FW SSH/ACCEPT loc dmz ACCEPT net $FW tcp 443 ACCEPT net loc tcp 443 # # Accept web connections to $FW from net (customized macro.HTTP to include port 8080) HTTP/ACCEPT net $FW HTTP/ACCEPT $FW loc # # DMZ DNS access to the Internet
This particular shorewall has been customized to allow port 8080 as well. We will also insure that the firewall can pass traffic to the local network as well. This could be useful if we have situations where a redirect takes place from the external web server to the localhost.
$ sudo shorewall refresh
You should now see nagios running at http://domain/nagios3.