Date: Wed, 11 Mar 1998 21:05:41 -0800 (PST) From: Doug White <dwhite@gdi.uoregon.edu> To: Louis-Philippe Alain <xenub@boisfrancs.qc.ca> Cc: questions@FreeBSD.ORG Subject: Re: Firewall: What to change? Message-ID: <Pine.BSF.3.96.980311210013.16485M-100000@gdi.uoregon.edu> In-Reply-To: <199803112308.SAA05221@mail.boisfrancs.qc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Mar 1998, Louis-Philippe Alain wrote:
> Hi,
> It's the first time I make "ASCII-Art" so please be indulgent... :) Will
> the trafic on the new "router" slow the machine? If so, maybe I should put
> it on the DNS machine as it's not very busy for the moment...
You used tabs and they expanded differently but I get the idea.
Everything hangs off a hub behind the router.
You'll want to stick a computer between the hub and the router and
configure it for all of your firewalling/filtering needs. Of course you
can recycle an existing computer, just remember to allow packets in/out
for whatever service(s) it may be hosting.
Kinda like this:
3Com T/S ------+
| _________________
CompuTone T/S -+ | | _________
| | FreeBSD | | |
FreeBSD Mail --+---+ Firewall/Filter +----+ Cisco +----[ World ]
| |_________________| |_________|
FreeBSD Web ---+
|
FreeBSD DNS ---+
On the filter, enable IPFW as described in the Handbook, tune
/etc/rc.firewall as desired, and you should be set to go.
> Thanks a lot for your help!
No problem.
Doug White | University of Oregon
Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant
http://gladstone.uoregon.edu/~dwhite | Computer Science Major
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980311210013.16485M-100000>