Re: Firewall Planning

In article <1066752252.11508.77.camel@dos> red@gato.net writes:
>I have 5 static IPs
>I'm using a p400 with two NICs (deb woody)

>I want to do Packet Filtering and logging for the DMZ and the

See http://www.blars.org/sapaf.html for one way of putting your dmz
hosts behind the firewall without needing a separate subnet (with
different IPs) for them.

>1) Do I need three NICs on the Firewall, one for the DMZ?

It's a good idea, but not strictly needed.  You don't need the hub
when doing this.  (Use crossover cables.)

>3) If the WAN interface in the router is a 64.1.1.x and the LAN
>interface is a 2.x.x.x/24 will I be able to route the 1.1.1.x/24 and DMZ
>host through the FW?

Sure, just do NAT on one segment.

>4) I want to use Iptables because I heard they are more advanced than
>ipchains is this true?


