Give a try to shorewall -> http://www.shorewall.net/three-interface.htm cheers
--- Begin Message ---
- To: debian-firewall@lists.debian.org
- Subject: Firewall Planning
- From: red <red@gato.net>
- Date: Tue, 21 Oct 2003 11:04:12 -0500
- Message-id: <[🔎] 1066752252.11508.77.camel@dos>
All, This may have come up a billion times in the past but, I am setting up a FW and I have some basic questions: Setup 1:(idea at least) Public ip 64.1.1.x DMZ HOST (ports80,993,143,53) upstream 64.1.1. / (internet)---DSLmodem----(64.x)FW(2.x)--HUB/ \ 1.1.1.0/24 \Linksys(Wireless router) \ \ \ \ workstation, workstation I have 5 static ips Im using a p400 with two nics (deb woody) Goals: I want to do Packet Filtering and logging for the DMZ and the workstations: Questions: 1) Do I need three Nics on the Firewall , one for the DMZ? 2) In the drawing above I am running DHCP on the LAN with the Linksys Wireless router. Should I run DHCP on the LAN interface on the FW instead? What would be the benefits/drawbacks? 3) If the WAN interface in the router is a 64.1.1.x and the LAN interface is a 2.x.x.x/24 will i be able to route the 1.1.1.x/24 and DMZ host through the FW? 4) I want to use Iptables because I heard they are more advanced than ipchains is this true? 5) I am somewhat familiar with the command line IPtables commands, but was curious at to what other (non gui) tools I could use to write rules.? Thanks In advance -red -- To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--- End Message ---
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?=