Date: Sun, 1 Jul 2001 13:36:24 -0700
From: "Robert Banniza" <robert@rootprompt.net>
To: <freebsd-ipfw@FreeBSD.ORG>
Subject: IPFW and triple-homed box...
Message-ID: <GMEDKMKMEBENJMBLDHAICEMDDPAA.robert@rootprompt.net>
In-Reply-To: <20010701110834.B296@blossom.cjclark.org>

Guys,

I've got a box that I would like to add a third interface to for a DMZ. However, I'm having more questions than answers right now. I have basically the following interfaces:

xl0 (external interface to router)
fxp0 (internal interface using NAT)
fxp1 (DMZ interface using REAL IP on this interface as well as all machines having a real IP)

I want to allow ports 80, 443 and 25 over to one single real IP on the DMZ while allowing nothing to flow in to the internal network from the DMZ. I also want all traffic on the internal network allowed out to the 'net and allowed over to the DMZ.

I wrote the following HOWTO (http://www.rootprompt.net/freebsd_firewall.html) for a dual-homed firewall about a year ago but have since been using a Firebox II. Therefore, my IPFW rules knowledge is rusty and no matter how much I try to figure this out, I can't get it right. Therefore, can anyone send me a list of their rules (if they are similar to what I want to do) or can you point me to a URL that explains setting up a triple-homed firewall with a DMZ? I would certainly appreciate any help with this as I would like to get off of this Firebox and back to IPFW.

Thanks

Robert
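
The policy described in the message above, written out as an ipfw rule set. This is an added example, not part of the original post or of the HOWTO it links. The interface names are the poster's; the addresses (private and documentation ranges), the rule numbers and the use of natd divert rules are assumptions.

```sh
#!/bin/sh
# Added example: ipfw rules for the three-interface policy in the post.
# Interface names are the poster's; every address below is an assumed
# placeholder (RFC 1918 / RFC 5737 ranges), as is the natd divert setup.
EXT_IF=xl0  INT_IF=fxp0  DMZ_IF=fxp1
EXT_IP=198.51.100.2       # firewall's address on xl0 (assumed)
INT_NET=192.168.1.0/24    # NATed internal LAN (assumed)
DMZ_HOST=192.0.2.2        # the one public DMZ server (assumed)

rule() { printf 'add %s\n' "$*"; }

dmz_rules() {
  rule 100 allow ip from any to any via lo0
  # NAT only LAN traffic; DMZ hosts keep their real addresses.
  rule 200 divert natd ip from "$INT_NET" to any out xmit "$EXT_IF"
  rule 210 divert natd ip from any to "$EXT_IP" in recv "$EXT_IF"
  # Replies to flows allowed below are accepted here, ahead of the deny,
  # so DMZ hosts can answer the LAN but never open a connection to it.
  rule 300 check-state
  rule 400 deny log ip from any to "$INT_NET" in recv "$DMZ_IF"
  # LAN may start connections to the DMZ and the Internet.
  rule 500 allow ip from "$INT_NET" to any in recv "$INT_IF" keep-state
  # Same flows after natd rewrote the source, plus the firewall's own.
  rule 510 allow ip from "$EXT_IP" to any out xmit "$EXT_IF" keep-state
  # Internet may reach one DMZ host on web and mail ports only.
  rule 600 allow tcp from any to "$DMZ_HOST" 80,443,25 in recv "$EXT_IF" setup keep-state
  # Everything else, including DMZ-initiated traffic the post does not
  # mention, is dropped and logged.
  rule 65000 deny log ip from any to any
}

# Default: print the rules for review. "apply" loads them (root, on the firewall).
if [ "${1:-print}" = apply ]; then
  dmz_rules | while read -r r; do ipfw -q $r; done
else
  dmz_rules
fi
```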