[ale] Firewall design
- Subject: [ale] Firewall design
- From: transam at verysecurelinux.com (Bob Toxen)
- Date: Wed Jun 1 01:00:20 2005
- In-reply-to: <[email protected]>
- References: <[email protected]>
On Tue, May 31, 2005 at 04:17:14PM -0400, Joe Steele wrote:
> On Tuesday, May 31, 2005, Christopher Fowler wrote:
> >
> > Is there a way I can plug a Linux box between E-Deltacomm and my Cisco
> > switch and have it do filtering but not have an IP address on either
> > eth0 or eth1? This could be an invisible inline firewall thingy :)
> What you describe is an Ethernet bridging firewall.
> Take a look at http://ebtables.sourceforge.net/
There's really no need for that.
Just set up your Linux firewall with the "real" IP. Then set up its
inside network to be IP Masqueraded (NAT'ed). Then give your inside
systems 10.x.x.x or 192.168.x.x addresses and forward port 80, etc.
to them.
> --Joe
Bob
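
The routed NAT setup Bob describes (real IP on the firewall, masqueraded inside network, port 80 forwarded inward), sketched as an added example that is not part of the original thread: a shell function that emits an iptables-restore ruleset with a default-deny FORWARD chain. The function name, the choice of eth0 as the outside and eth1 as the inside interface, and the 192.168.1.x addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore ruleset for a
# masquerading firewall that forwards one TCP port to an inside server.
# Interface roles and all addresses below are constructed sample values.

gen_nat_rules() {
    wan_if=$1 lan_if=$2 lan_net=$3 web_host=$4 web_port=${5:-80}

    # Refuse to forward to anything but an RFC 1918 inside address.
    case $web_host in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) ;;
        *) echo "web_host must be a private inside address" >&2; return 1 ;;
    esac
    case $web_port in
        ''|*[!0-9]*) echo "web_port must be numeric" >&2; return 1 ;;
    esac

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Inbound: forward the published port on the real IP to the inside server
-A PREROUTING -i $wan_if -p tcp --dport $web_port -j DNAT --to-destination $web_host:$web_port
# Outbound: masquerade inside hosts behind the firewall's real IP
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
# No inbound services on the firewall itself; add a rule if it is managed remotely
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Inside hosts may open connections outward
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
# Only the forwarded port reaches the inside server from outside
-A FORWARD -i $wan_if -o $lan_if -p tcp -d $web_host --dport $web_port -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for review; to load it, pipe the output to iptables-restore.
gen_nat_rules eth0 eth1 192.168.1.0/24 192.168.1.10 80
```

Forwarding between the two interfaces also requires net.ipv4.ip_forward=1 on the firewall.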