Re: transparent firewall box
I recently did this with a Debian 2.2 system running a 2.2 kernal and
IPCHAINS using a patch available from a HOWTO on linuxdoc.org.
I'm trying to get motivated to document how I did it because I tried to
do things the "Debian way" when rebuilding the kernel, etc.
Basically it acts as a Layer-2 bridge with a special IPCHAINS builtin
for filtering traffic crossing the bridge. Seems to be working fine
also.
On Mon, Mar 05, 2001 at 05:53:09PM -0500, Allen Ahoffman wrote:
> Hi:
> Can someone recommend the following configs:
> I want a box that is basically transparent to the internal clients.
> e.g.
> router
> firewall
> box1 box2 box3 box4
> so box1 2 3 and 4 use the router's ip(s) as gateway
> and not the firewall's internal ethernet.
> and the router doens' knwo the difference.
> But I can fireall each internal ip with separate rules.
> e.g. dmz for some, ...
> it would be nice to have straightforward rules like:
> internal IP 208.242.184.9
> port { 80; 22; 143; ...; };
> accept from all except 195.284.44.33; };
> else deny;
> ...
> Something nice like this with straightforward syntax.
> any suggestions?
> And,
> Anyone seen simple firwall system which allows eth0: eth0:1 eth0:2
> to each have their own rules, to perform different restrictions on a
> single NIC system.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
Nate Duehr <nate@natetech.com>
GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.
Reply to: