Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 1 Oct 1998 00:22:30 -0500 (CDT)
From:      Alejandro Galindo Chairez AGALINDO  <agalindo@servidor.exsocom.com.mx>
To:        questions@FreeBSD.ORG
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Firewall with 2 NIC and a NET class C
Message-ID:  <Pine.BSF.3.96.981001000443.24945A-100000@servidor.exsocom.com.mx>
next in thread | raw e-mail | index | archive | help 
Hello!

	I have a network class C (conected to Internet), some hackers are
cracking my server and i need to install a firewall.

	I have 2 xl NIC's (xl0 and xl1), but i dont know how will be the
rc.firewall configuration and how i can protect all my network for outside
attacks.

	In the rc.firewall i use the "simple" firewall type, but i dont
understand how i can divide my network class C in 2 networks (with a mask
255.255.255.128 sample).

	I need to have real internet ip's in the 2 NIC's becouse i want to
protect my WWW and e-mail servers.

Here is a sample of what i have and what i need:

		INTERNET
		   |
		   |
		My router (208.195.117.2)
		   |
		   |
		 ----------------------- (network class C 208.195.117.*)
  		   |             |     |
		   |             |     |
		WWW server   email server  and PCs
             208.195.117.11   208...12     208...13 (sample)



I need to protect all my network and i think the solution can be:

		INTERNET
		   |
		   |
		ROUTER  (208.195.117.2)
		   |
		   | 			  maybe mask 255.255.255.128
		FIREWALL (208.195.117.14) xl0 (first NIC) 
                   |
		   |  208.195.117.129 xl1 (second NIC) of the firewall
	        ------------------------
	        |          |        |       maybe mask 255.255.255.128	
                |	   |	    |
	    WWW server   email server  PC's ...
	    208.195.117.130  208...131   208...132  etc

Please i need help i how to plain the network and how to indicate the
rules in the rc.firewall

Iam desesperate becouse my network is attacked.

Thanks in advanced

Alejandro Galindo


 ----------------------------------------------------------------------------
|                                                          ,        ,        |
|                                                         /(        )`       |
|                                                         \ \___   / |       |
|                                                         /- _  `-/  '       |
|                                                        (/\/ \ \   /\       |
|     ExSoCom Dgo. MEXICO                                / /   | `    \      |
|                                                        O O   ) /    |      |
|                                                        `-^--'`<     '      |
|                                                       (_.)  _  )   /       |
|     Alejandro Galindo                                  `.___/`    /        |
|     Tel: (52 18) 179177                                  `-----' /         |
|     Fax: (52 18) 185155                     <----.     __ / __   \         |
|                                             <----|====O)))==) \) /====     |
|    e-mail alejandro.galindo@exsocom.com.mx  <----'    `--' `.__,' \        |
|                                                          |        |        |
|          http://www.exsocom.com.mx                       \       /       /\|
|                                                     ______( (_  / \______/ |
|                                                   ,'  ,-----'   |          |
|                      a FreeBSD ISP                `--{__________)          |
 ----------------------------------------------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981001000443.24945A-100000>