Date:      Thu, 10 Aug 2000 21:16:04 -0400 (EDT)
From:      Siobhan Patricia Lynch <trish@bsdunix.net>
To:        cjclark@alum.mit.edu
Cc:        ym g <ymg@graffiti.net>, freebsd-ipfw@FreeBSD.ORG
Subject:   Re: Bridging firewall
Message-ID:  <Pine.BSO.4.21.0008102113100.21752-100000@superconductor.rush.net>
In-Reply-To: <20000810000409.B5405@149.211.6.64.reflexcom.com>

I do a bridging firewall in front of slashdot.

the bridge can only be a bridge, the interfaces can answer to addresses,
but doing routing on it is a *bad* idea.

for more particulars, email me privately.

-Trish

__

Trish Lynch
FreeBSD - The Power to Serve 		trish@bsdunix.net
Rush Networking				trish@rush.net

On Thu, 10 Aug 2000, Crist J . Clark wrote:

> [Please put in newlines at about 72 columns or so. Each of your
> paragraphs is on one line.]
> 
> On Thu, Aug 10, 2000 at 01:43:35AM +0800, ym g wrote:
> > Hi, I am trying to set up a bridging firewall and have some questions.
> > 
> > In a bridge, it doesn't seem necessary to configure any IP's for the 2 interfaces. However, I would like to remotely manage my bridging firewall. If so, does the interface attached to the Internet [router] need the same address as the router or just another address from my segment. I think it's the latter but my bridging fundamentals are hazy :-(
> 
> Give the machine a unique IP address on your network. It really
> doesn't matter which interface gets the address, but for aesthetic
> reasons, I'd put it on the "outer" interface.
> 
> > Would doing so allow me to telnet/ssh into the bridging firewall box or do I need another interface to get in and leave the original 2 interfaces unconfigured?
> 
> No, just assign an IP to one interface.
> 
> > Also, if I have two different leased lines [different blocks], can I use a 4 port NIC like a D-LINK DFE 570 to set up a single machine as a bridging firewall for both networks [using different rulesets]?
> 
> Well, now it sounds like you would need to be doing routing since I
> doubt different lines will be coming in on the same logical
> network. I wouldn't try to do routing and bridging on one box.
> -- 
> Crist J. Clark                           cjclark@alum.mit.com
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message
> 






