Date:      Tue, 5 Mar 2002 09:44:53 +0300 (MSK)
From:      "A.Rakukin" <rakukin@pochtamt.ru>
To:        questions@freebsd.org
Subject:   with and without firewall
Message-ID:  <200203050644.g256irn40909@www5.mailru.com>

Hello,

I would like to have my network (say, 128.1.1.0 with
router 128.1.1.1) connected to the Internet via the
firewall most of the time, but also provide the
possibility for this network to be switched to direct
Internet connection at any time, without any changes in
routing.

I guess I can set it up in the following way:
 - create an additional network (128.2.2.0),
 - add this network as secondary to the router,
assigning an additional address 128.2.2.1 to the router
itself,
 - set up a firewall with external address 128.2.2.2
and internal addresses 128.1.1.1
 - make the firewall pick all packets intended for
128.1.1.0 which come to its external interface, filter
them and send into the internal network.
Then routing should work whether the firewall is present
or it is physically removed and the router is connected
to the network directly.

Is that possible? Which software can accomplish the
last task? As far as I understand, NAT address
redirection does not do it. Maybe there are easier
ways to solve this problem, without setting up an
additional network?

Thanks a lot,
Alex

