Re: NAT

To: debian-firewall@lists.debian.org
Subject: Re: NAT
From: Daniel Pittman <daniel@rimspace.net>
Date: Fri, 29 Oct 2004 23:17:55 +1000
Message-id: <[🔎] 87u0sd64u4.fsf@enki.rimspace.net>
References: <[🔎] 4182CA68.DE2A6972@pirdop.digsys.bg>

On 30 Oct 2004, office@pirdop.digsys.bg wrote:
> I have to configure a debian mashine with 3 NIC. One of them should have
> real IP address 193.68.123.206. Another two should be part of private
> networks. On this mashine there is ipchains. How to configure it,  how
> to store configuration and how to make it to be started during the boot
> process?

My recommendation would be to move to iptables rather than ipchains.
Anything with a 2.4 or later kernel comes with iptables out of the box
in Debian, as I understand things.

I would also recommend using some sort of helper script to do the
configuration for you:  'firehol', in testing or at
<http://firehol.sf.net/> is my choice.

Using that sort of higher level tool will allow you to focus on the
detailed rules for the firewall rather than low level implementation
details like this.

Anyway, if you really want to write your own script the traditional way
is to either create a script run from the 'ifupdown', or as an init.d
script.

If you take the later route, copy /etc/init.d/skeleton to whatever name
you chose, and hook it into the boot system as normal.

Regards,
        Daniel
-- 
Fortune rarely accompanies anyone to the door.
        -- Balthasar Gracian

Reply to:

References:
- NAT
  - From: office <office@pirdop.digsys.bg>

Prev by Date: NAT
Next by Date: Re: Cannot reach external IP from LAN?
Previous by thread: NAT
Next by thread: Re: NAT
Index(es):
- Date
- Thread