Re: masquerading (NAT) firewall with firewall-easy

To: debian-firewall@lists.debian.org
Subject: Re: masquerading (NAT) firewall with firewall-easy
From: Daniel Pittman <daniel@rimspace.net>
Date: Sun, 11 Jul 2004 21:50:40 +1000
Message-id: <[🔎] 87d632n4of.fsf@enki.rimspace.net>
References: <[🔎] 20040711084028.pWyiEg.qPS7mp@rano.org>

On 11 Jul 2004, Edmund GRIMLEY EVANS wrote:
> If anyone has managed to set up a masquerading firewall with
> firewall-easy, could they please tell me how they did it?

I can't say that I have used the package in question, I fear.

> Or recommend an alternative package for the same purpose?

I do use 'firehol', and would happily recommend it. Getting it to work
as a simple masquerading firewall is trivial:

,----[ firehol configuration ]
| interface eth0 mylan
|         policy accept
| 
| interface ppp+ internet
|         client all accept
| 
| router mylan2internet inface eth0 outface ppp+
|         masquerade
|         route all accept
`----

Season to taste and your setup by configuring the 'ppp+' and 'eth0'
parts of the lines to match.

Also, I strongly recommend it because once you have it in place it can
grow to match your needs -- it trivially extends to a full featured
multi-zone firewall without changing the underlying tool.

It is packaged in unstable and testing, or available at
<http://firehol.sf.net/>

        Daniel
-- 
There is no reality except the one contained within us. That is why so many
people live such an unreal life. They take the images outside them for reality
and never allow the world within to assert itself.
        -- Hermann Hesse

Reply to:

References:
- masquerading (NAT) firewall with firewall-easy
  - From: Edmund GRIMLEY EVANS <edmundo@rano.org>

Prev by Date: masquerading (NAT) firewall with firewall-easy
Next by Date: Re: masquerading (NAT) firewall with firewall-easy
Previous by thread: masquerading (NAT) firewall with firewall-easy
Next by thread: Re: masquerading (NAT) firewall with firewall-easy
Index(es):
- Date
- Thread