[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall Related Question



* eim <eim@eimbox.org> [2001.10.22 12:44:03+0200]:
> Is this a good choice ? or should I put another machine in my
> Network, between the Gateway and the Servers, which acts as Firewall ?

what's a firewall for you? a packet filter? you can surely install a
packet filter on every box. iptables of kernel 2.4.x is even more than
a packet filter (strictly speaking, even ipchains is), as it can go up
to application level for specific protocols. so sure, iptables will be
a firewall for you, which you can set up on every host...

*but*: do you want to maintain three different ones? if i were you,
i'd set up some old pentium or even 486 with a minimal install of
debian (or openwall, or smoothwall, or openBSD), which does NAT for
your IPs (not MASQ, since you *have* IPs), and which runs kernel
2.4.12 with a fancy iptables setup.

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
  
it's as bad as you think, and they are out to get you.

Attachment: pgpwc60KKiT5T.pgp
Description: PGP signature


Reply to: