RE: Routing with Linux
You didn't mention volume. Also, public address and firewall seems to be a
contridiction.
If the volume is small, many of the $100 USD firewall boxes will work. There
will be some work redirecting IP through the firewall.
If the volume is higher or you just want a linux box then:
www.linuxrouter.org -- linux router project.
It maybe that you can port scan your network and turn off everything but
what you really want on.
Best of luck.
-----Original Message-----
From: Burner [mailto:burner@clanpips.dk]
Sent: Wednesday, March 05, 2003 10:21 AM
To: debian-isp@lists.debian.org
Subject: Routing with Linux
Hi
My boos just asked me to build a Linux firewall to protect our servers, we
have about 20 servers, all configured with only the public (internet) IP,
and
connected through a switch directly to our IPS's router.
I've only build firewalls for small lan networks using NAT with
iptables/ipchains.
I've read some iptables and iproute2 howtos, but i realy do not know where
to
begin, i dont even know if the hardware will be sufficient. P3/800 128Mb ram
and two good NIC's.
We don't need any advanced routing like bandwith balancing etc. I just need
to block most ports from public access and allow the servers (win) to update
from the internet.
I would like to keep the public IP addresses on the servers if possible.
Maybe i should configure the linux router with all the external IP's on one
NIC, and give the protected servers local IP addresses. then NAT the public
IP/ports to the servers using iptables, this is a way to do it, but is it i
good way?
I would be happy to recive any hints from someone who has done anything like
this before.
//Burner
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: