From owner-freebsd-questions Sun Nov 22 08:59:07 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA21188 for freebsd-questions-outgoing; Sun, 22 Nov 1998 08:59:07 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from militzer.me.tuns.ca (militzer.me.TUNS.Ca [134.190.50.153]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA21183 for ; Sun, 22 Nov 1998 08:59:03 -0800 (PST) (envelope-from bemfica@militzer.me.tuns.ca) Received: from localhost (bemfica@localhost) by militzer.me.tuns.ca (8.8.8/8.8.5) with SMTP id MAA08751 for ; Sun, 22 Nov 1998 12:41:55 -0400 (AST) Date: Sun, 22 Nov 1998 12:41:55 -0400 (AST) From: Antonio Bemfica To: freebsd-questions@FreeBSD.ORG Subject: Firewall Question Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This question might be better suited to a firewall list, but since I'd implement a firewall with FreeBSD, I decided to run the risk of asking it here: Must the machine acting as the firewall be physically "between" the machines it is to protect and the rest of the world: world --> firewall box --> Hub --> protected machines or is is possible to specify routes so that packets on the way to the protected machines would be filtered by the firewall box before being allowed to continue: world --> Hub --> firewall box --> protected machines If so, I assume these routes would have to be set someplace before the packets hit the hub on the subnet where the machines are. I'm fairly new at this, and would appreciate any help I can get. Thanks Antonio To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message