*BSD News Article 71996



Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.mira.net.au!inquo!news.seinf.abb.se!nooft.abb.no!Norway.EU.net!nntp.uio.no!news.cais.net!van-bc!newsfeed.direct.ca!nntp.teleport.com!usenet
From: david.chamberlain@ibm.net (David Chamberlain)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: FreeBSD as Internet firewall
Date: 25 Jun 1996 20:21:40 GMT
Organization: Yoshida, Inc.
Lines: 44
Message-ID: <4qphok$2lf@nadine.teleport.com>
NNTP-Posting-Host: ip-pdx19-58.teleport.com
Mime-Version: 1.0
Content-Type: Text/Plain; charset=US-ASCII
X-Newsreader: WinVN 0.99.7

I have been working with FreeBSD for some time now and am really enjoying it. 
Now I need to make it really work for me.

I am having a Frame Relay put into our company from US Sprint.  One to four 
channels of it will be set up as a virtual circuit to the internet.  I am 
getting a hardware router to route the IP from the Frame Relay to an Ethernet 
segment.

The only machine I want on the Internet ethernet segment is the FreeBSD 
machine (which I will call gateway). It will also have a NIC connected to 
our internal network.  I believe I have learned enough about firewalls to 
decide that I want to implement an application level firewall, also called a 
proxy gateway.  If I understand it right, this means that no IP routing occurs 
between the internet and my network.

So, now the questions.  Does application level proxy software (for outgoing 
FTP, HTTP, etc) exist for FreeBSD and, if so, how reliable is it?  I believe I 
can do DNS and SENDMAIL with the existing installed DNS and SENDMAIL daemons.

Also, what kind of hardware would you recommend for a gateway like this?  
Should I use PCI NICs instead of ISA for performance?  What NICs, either ISA 
or PCI, have the most reliable drivers for FreeBSD?  (I am not afraid to 
download and compile -stable; I've already done it just for fun.)  Also, does 
FreeBSD have (or will it have) drivers for HP 100VG NICs?

I don't have current plans for gateway to be a web or ftp server.  Should I 
still use SCSI drives or would IDE be OK?  If I really need SCSI drives, what 
SCSI adapters (either ISA or PCI) have the most reliable FreeBSD drivers?

I plan to use at least a Pentium 100.  How much RAM should I use?

I would appreciate any suggestions anyone may offer.  I am really new to this 
Unix/Internet thing, as well as FreeBSD.  I would like to do this with as 
little hair pulling as possible.

Thanks in advance.
-- 
+------------------------------------+---------------------------------------+
| David Chamberlain,                 |    Opinions expressed are my own, and |
|   Yoshida, Inc.                    | are not necessarily consistent with   |
|   Oregon International Air Freight | the opinions of anyone else at all.   |
| david.chamberlain@ibm.net          |                                       |
+------------------------------------+---------------------------------------+