[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] OS-discussion
- Subject: Re: [cobalt-developers] OS-discussion
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Thu Mar 28 07:28:24 2002
- Organization: nobaloney.net
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Matthew Nuzum wrote:
> Of course all of that is moot if you the Internet or your NAT users can can
> bypass your router. I have traditionally used Cisco routers for doing this
> kind of work. Never-the-less, I know that Linux can do it (in all 2.x
> kernels I believe) and I've done it with FreeBSD 3.3.
Okay... here's what I want to do...
(this looks better with a fixed-width font)
+-----------+
+----------+ +----------+ +--------+ | protected |
| Internet | <-> | Firewall | <-> | switch | <-> | systems |
+----------+ +----------+ +--------+ +-----------+
I want a linux-based firewall to answer to my public address space, and
to then to route the packets through my switch to my protected systems
(and vice-versa <smile>). I'm sure this can be done, but I have no idea
how to do it.
How do I do this with ipchains/iptables? Some examples would be nice
<smile>.
Thanks.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484