From owner-freebsd-questions  Mon Jun  4 16:49:37 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from hotmail.com (f8.law9.hotmail.com [64.4.9.8])
	by hub.freebsd.org (Postfix) with ESMTP id 713C537B405
	for <freebsd-questions@freebsd.org>; Mon,  4 Jun 2001 16:49:33 -0700 (PDT)
	(envelope-from thierryblack@hotmail.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Mon, 4 Jun 2001 16:49:33 -0700
Received: from 142.165.70.131 by lw9fd.law9.hotmail.msn.com with HTTP;	Mon, 04 Jun 2001 23:49:33 GMT
X-Originating-IP: [142.165.70.131]
From: "Thierry Black" <thierryblack@hotmail.com>
To: freebsd-questions@freebsd.org
Subject: how to hook up a firewall?
Date: Mon, 04 Jun 2001 17:49:33 -0600
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F8bLAX3cf3ednHM3SOl000156f0@hotmail.com>
X-OriginalArrivalTime: 04 Jun 2001 23:49:33.0547 (UTC) FILETIME=[013FDBB0:01C0ED51]
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Thanks to you for answering my other questions before! this group is a great 
help.

I have a small subnet of public addresses,
like 172.168.0.128/28  So, 128 is network,
129-142 are usable, and 143 is broadcast.

I want to put up firewall in between and have it route all traffic to and 
from this network but I want an other machine (web server) on the same 
segment as the firewall, but not behind the firewall. all other machines 
should be behind firewall.

so something like this:

gateway 1 (isp manage)
          |
  +-------+----------+
  |                  |
firewall         web server
  |
  +-----+-----+-- - - -
  |     |     |
other machines behind firewall


all machines in diagram must use ip address from our subnet, but I can 
change all addresses (including isp manage gateway) if subnet works better. 
there are a few free ip addresses.

how would you guys set this up?

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message