Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.Hawaii.Edu!news.caldera.com!enews.sgi.com!nntprelay.mathworks.com!howland.erols.net!psinntp!pubxfer.news.psi.net!usenet
From: greg baxter <greg@microa.com>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: firewall...
Date: Tue, 01 Jul 1997 23:00:43 -0400
Organization: micro-a, inc. atlanta, ga.
Lines: 43
Message-ID: <33B9C45A.6CFD11D5@microa.com>
Reply-To: greg@microa.com
NNTP-Posting-Host: 38.176.82.103
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 4.01 [en] (Win95; I)
X-Priority: 3 (Normal)
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:43783

this was posted on the firewall news group. since i'm using freebsd, thought maybe this may generate some response from the gurus...

we want to firewall our local net using freebsd 2.2. a little confused, we put two nics in one bsd machine, each with its own different network (not just diff host). the idea is, we need it to:

hit our inet router, a t1 interface when called to do so by any local machine. this is on net 'a'. i suppose this is the only host that will be on net 'a' other than the nic in the bsd box. right?

route ip data for us, with appropriate filtering via ipfw. from net 'b' to net 'a' (net 'a' is the internet side of things).

do we need to configure this machine as a 'gateway' as defined in rc.conf? turn on 'routing' in same rc file?

right now, our default gateway is just the t1 router (ascend pipeline) and all works well, but the ascend is on the same net as everything else.

have read the o'reilly book, and at least *believe* i'm on the right track.

any help you guys can toss my way is really gonna be very much appreciated, i'd like to get this thing up and going soon.

thanks in advance

-- greg

--
death, taxes and liberals will always be with us. death however, does not get worse with time.

see the micro-a web page at: www.microa.com