firewall ??
Bobby Knueven
knueven.7 at osu.edu
Thu Jul 8 18:12:20 UTC 2004
Still a little confused on firewalls. Here's my situation (more detail
this time).
I am assigned a block of IP addresses from the Office of Information
Tech. at our University. Along with this block of IP's come the DNS
servers I have to use and the Default Gateway. Everything else, DHCP,
File server, webserver is up to me to provide. I need to build a
firewall that will allow my current block of addresses(class B), which
are assigned to my network from a DHCP server that will is on my
network to access the net while providing a secure environment. Since I
have a substantial amount of addresses I do not need NAT to use 192's,
etc... Where my confusion comes in is the fact that I am already
assigned a default gateway on my network. Is it possible to apply a
firewall with Internet connection sharing that acts as a new default
gateway for my internal network while the firewall would still use the
Default Gateway assigned to me? How would I go about sharing that
connection without using NAT? Or should I just build a bridging
firewall? I am hesitant about a bridging firewall because it seems that
it would need to be fairly speedy to keep up with our network traffic.
Any recommendations would be appreciated. Thanks.
Bobby Knueven
>> If you are putting a firewall between your subnet and the default
>> gateway
>> for your subnet the simplest setup is a bridging firewall. It's not as
>> trivial to configure as a normal or routing firewall. I've only
>> actually
>> done this with RH7.3, but I don't think there are any fundamental
>> differences.
>>
>> As a bridging firewall you can set it up to inspect packets as they
>> pass
>> through the bridge and reject or drop those it doesn't like.
>> Otherwise it
>> operates just like a bridge, and is effectively transparent to the
>> rest of
>> the network. If you want, you can give an IP to the bridge so that
>> you can
>> access it from other hosts, but that's not necessary if you maintain
>> it from
>> the console.
>>
>> --
>> Nigel Wade, System Administrator, Space Plasma Physics Group,
>> University of Leicester, Leicester, LE1 7RH, UK
>> E-mail : nmw at ion.le.ac.uk
>> Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
>>
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list