I've always used hardware firewalls and have not learned about iptables other than very basic things such as adding a port or two. I have an application where I would prefer using CentOS as a firewall because what I need through it is very simple, only two services. Of course, it would have to be totally, completely, absolutely protected.
Here is what I need.
CentOS 5.x, latest, fully updated. Bare minimum services/applications installed. I just want to use it as a router running opensbc.
Public to WAN would be only SIP/RTP, 5060 TCP/UDP and 10000-20000 UDP.
NIC0 (192.168.1.5/16) would be connected to the LAN side.
NIC1 (x.x.x.x) would be connected to the WAN side, direct to the router.
This server would have to co-exist with a main firewall on the LAN side which is at 192.168.1.1 (gateway conflict perhaps?). Traffic which comes into this server would have to be forwarded to 192.168.1.230/16, and that server would in turn reply. I cannot give the IP PBX at 192.168.1.230 a default gateway of the CentOS server because I need two of them, one per WAN, in order to use DNS SRV load balancing.
The reason I wanted to post this question here is that the forum suggestions I've been given seem to have holes in them. I thought that perhaps, by posting this here, if someone posts the proper iptables file, then others could agree or not, in order to get a final, VERY secure but working config.
I wish to thank you in advance for perhaps taking this small challenge on.
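As an added, worked example (not from the original post or from any answer to it), the script below generates a complete iptables-restore ruleset for the layout described above: default-deny INPUT and FORWARD policies, stateful tracking, DNAT of inbound 5060 TCP/UDP and 10000-20000 UDP from the WAN NIC to the PBX, and SNAT of those forwarded flows to the box's own LAN address so that the PBX's replies come back to this server rather than to its default gateway at 192.168.1.1. Interface names (eth0/eth1), the WAN address 203.0.113.10, and the LAN-only SSH rule are assumptions chosen for the example; substitute the real values. The function only emits text, so it can be inspected before being loaded.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for a two-NIC CentOS 5 SIP/RTP
# forwarding box. Example code, not a vendor or distribution file.
# Arguments: WAN_IF LAN_IF WAN_IP LAN_IP PBX_IP
gen_rules() {
    wan_if=$1; lan_if=$2; wan_ip=$3; lan_ip=$4; pbx_ip=$5
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Inbound SIP signalling and RTP media arriving on the WAN NIC go to the PBX.
-A PREROUTING -i $wan_if -d $wan_ip -p udp --dport 5060 -j DNAT --to-destination $pbx_ip
-A PREROUTING -i $wan_if -d $wan_ip -p tcp --dport 5060 -j DNAT --to-destination $pbx_ip
-A PREROUTING -i $wan_if -d $wan_ip -p udp --dport 10000:20000 -j DNAT --to-destination $pbx_ip
# Rewrite the source to this box's LAN address: the PBX keeps 192.168.1.1 as
# its default gateway, so without this its replies would never return here.
-A POSTROUTING -o $lan_if -d $pbx_ip -j SNAT --to-source $lan_ip
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
# Management only from the LAN side (assumed: SSH, no WAN-side admin at all).
-A INPUT -i $lan_if -p tcp --dport 22 -m state --state NEW -j ACCEPT
# Forwarding: only the DNATed SIP/RTP flows, WAN -> LAN -> PBX, plus their replies.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -i $wan_if -o $lan_if -d $pbx_ip -p udp --dport 5060 -m state --state NEW -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -d $pbx_ip -p tcp --dport 5060 -m state --state NEW -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -d $pbx_ip -p udp --dport 10000:20000 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Kernel settings the ruleset depends on (assumed sysctl.conf fragment).
gen_sysctl() {
    cat <<EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
EOF
}

# Example invocation with the placeholder addresses from the lead-in:
#   gen_rules eth1 eth0 203.0.113.10 192.168.1.5 192.168.1.230 > /etc/sysconfig/iptables
#   gen_sysctl >> /etc/sysctl.conf && sysctl -p && service iptables restart
```

On CentOS 5, /etc/sysconfig/iptables is exactly this iptables-restore format and is loaded by `service iptables start`. Two caveats a practitioner would check: first, the SNAT makes every inbound call appear to the PBX as coming from 192.168.1.5, so PBX-side logging and ACLs see this box, not the remote peer (the SIP headers still carry the real addresses). Second, because the whole RTP range is forwarded, no SIP ALG is needed on this box, but the PBX must advertise the WAN address, not 192.168.1.230, in its SDP, or calls will connect with one-way audio. If opensbc itself terminates SIP on this host instead of the PBX, the 5060 and RTP ports belong in the INPUT chain rather than in the nat table.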