firewall ??

[Nigel Wade]

Bobby Knueven wrote:
> I am getting ready to build my first firewall, using Fedora Core 2. I 
> have read a lot of tutorials, but all of them are for firewall with NAT 
> enabled. What do I do if I don't need NAT. For example, I have a network 
> with 50 Class B Ip's we use a default gateway supplied by our University 
> and DHCP to distribute the IP's. So the only thing I really need to do 
> is firewall my 50 IP's from the outside world while continuing to use 
> our given IP's and gateway. Any thoughts on how to set this up would be 
> appreciated.
> 
> One more question, when connecting the outgoing NIC from the firewall to 
> the rest of the network do I need to use a crossover cable or will I 
> specify that the NIC is supposed to be outgoing in firewall configuration?
> 
> Thanks for the help.
> 
> Bobby K
> 
> 

If you are putting a firewall between your subnet and the default gateway 
for your subnet the simplest setup is a bridging firewall. It's not as 
trivial to configure as a normal or routing firewall. I've only actually 
done this with RH7.3, but I don't think there are any fundamental differences.

As a bridging firewall you can set it up to inspect packets as they pass 
through the bridge and reject or drop those it doesn't like. Otherwise it 
operates just like a bridge, and is effectively transparent to the rest of 
the network. If you want, you can give an IP to the bridge so that you can 
access it from other hosts, but that's not necessary if you maintain it from 
the console.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw at ion.le.ac.uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555