[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Firewall in an internet-caffe


I have a little problem here. After reading of 'Security: port-fw vs.
ip-aliasing' I started to think about network structure in InetCaffe I'm
going to take care of.

There is a young and lazy administrator now, and everything he does is
sitting on IRC and taking over channels. So what I need is to change
network geometry competly. There is no firewall now (!) so I need to
make one. I'll be using Potato. I can use two computers, and I need to
divide virtual ftp/mail/www servers, dns server and firewall between
them. I was thinking of:


Is this a good choice? I have 32 IP's, so I'm going to use x.x.x.1 for
FIREWALL & DNS, x.x.x.2 for FTP/MAIL/WWW, and x.x.x.3- for Win's.

So for windows x.x.x.1 is DNS server and Gateway, am I right? Is it
enough to ACCEPT some connections from/to computer to/form internet via
ipchains and DENY others? Maybe You know there's a better net structure
for this situation. Oh! My boss want's to sell Shell accounts also.
Where do You think I should placate them: on firewall or behind it?

Best regards
nIck: IronHand of CruX     /GCS d-(++) s:- a18 C++ UL++++ P+++ L++@ E\
maIl:                     { W+++ N+ o? K? w+++ !O M V? PS+ PE- Y PGP- }
ironhand@zsno.ids.czest.pl \t+ 5+ X- R++ tv b+ DI? D+ G++ e- h! r% y-/

Reply to: