
Re: transparent firewall box



I recently did this with a Debian 2.2 system running a 2.2 kernel and
IPCHAINS using a patch available from a HOWTO on linuxdoc.org.

I'm trying to get motivated to document how I did it because I tried to
do things the "Debian way" when rebuilding the kernel, etc.

Basically it acts as a Layer-2 bridge with a special IPCHAINS builtin
for filtering traffic crossing the bridge.  Seems to be working fine
also.

On Mon, Mar 05, 2001 at 05:53:09PM -0500, Allen Ahoffman wrote:
> Hi:
> Can someone recommend the following configs:
> I want a box that is basically transparent to the internal clients.
> e.g.
>                  router
>                     firewall
>           box1 box2 box3 box4
> so box1 2 3 and 4 use the router's ip(s) as gateway
> and not the firewall's internal ethernet.
> and the router doesn't know the difference.
> But I can firewall each internal ip with separate rules.
> e.g. dmz for some, ...
> it would be nice to have straightforward rules like:
> internal IP 208.242.184.9
> 	port { 80; 22; 143; ...; };
> 		accept from all except 195.284.44.33; };
> 	else deny;
> ...
> Something nice like this with straightforward syntax.
> any suggestions?
> And,
> Anyone seen simple firewall system which allows eth0: eth0:1 eth0:2
> to each have their own rules, to perform different restrictions on a
> single NIC system.

-- 
Nate Duehr <nate@natetech.com>

GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.


