Conceptually: how do these packages 'hang' together?
G'evening all ;D
I have to admit, I am a little bit confused about how packages 'hang' together. I am used to 'top down' learning (the big picture first, then drill down into the details), and I have to admit I am having a hard time figuring out how some packages are supposed to relate to eachother, as in 'the blue print', so to speak (then again, I have no problems understanding to name just one of the so called 'more advanced' topics in my line of work, 'inflation accounting' ;D).
What I mean is: we have the PFS firewall, Pfblocker, Squidguard, Snort. Each of them is capable of blocking. I would have suspected the last three to be different subsystems that feed data into the 'core', the underlying PFS firewall, but since I don't see the Snort rules come back in the PFS firewall rules, I am obviously wrong. So how are these 4 packages to be seen relative to eachother?
Thank you in advance for your answer ;D
Very basic(!) overview:
pfsense = Firewall … blocks external connections
Pfblocker = Blocks countries and IP ranges you don't want to connect
Snort = Intrusion Detection System
Squidguard = SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid (which is not on your list, but required for squidguard!)
They all don't "feed" data into core - they all check traffic in different ways. You need to learn of all them if you want to understand their configuration and fit to your needs.
Set them up in the order I specified above. After you box is up and running including snort start to learn about proxies (squid).