Skip site navigation (1)Skip section navigation (2)
Date:      21 Aug 2002 21:11:20 +0000
From:      Josh Paetzel <friar_josh@webwarrior.net>
To:        "RDWestSr@hotpop" <rdwestsr@hotpop.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Firewall Help plz
Message-ID:  <1029964281.226.6.camel@markx.vladsempire.net>
In-Reply-To: <001401c24973$cf3fb240$0a00a8c0@papabear>
References:  <001401c24973$cf3fb240$0a00a8c0@papabear>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2002-08-22 at 00:35, RDWestSr@hotpop wrote:
> hi guys,
> i need a little input on freebsd firewalls--
> check my ideas out and maybe advise me the best route and point me to some
> detailed links etc...
>      a friend of mine asked me to help him get his small business online.
> i'm looking for some ideas on this.  my questions...
> 
> 10 computers
> - 1 server
> -9 clients
> 
> ok,  all customer info, orders, etc is kept on the server...   he has 9
> employees that log into the server from their client pc to update and change
> information etc...
> 
> now his employees want on the net to surf, mail, download mp3's etc...
> he's getting a commercial cable account
> 
> what is the best secure way to build the firewall or wall(s) for the
> network....
> hummm
> the server needs a big wall :)
> here's my thinking
> 
> the server has to be secure enough that if and when a client gets hacked
> that they can't get into the server and screw it up...
> 
> so...
> NET->
> FREEBSD _FIREWALL/GATEWAY (nic cards to 2 networks)
> LAN_#1(all 9 clients)
> LAN_#2(the server)
> -------------------  or
> NET->
> FREEBSD _FIREWALL/GATEWAY-#1->
> #1-LOCAL_AREA_NETWORK->
> FREEBSD _FIREWALL/GATEWAY-#2->
> THE_SERVER
> --------------------
> here's my main question--
> can freebsd be setup by MAC ID access ?????
> my ideas are to route access for the clients on ports 20,21,25,53,80,110 to
> access net while nic #2 of LAN#2 is setup where only the 9 MAC IDs of the
> LAN#1 can access the server...
> 
> thats my way of thinking...    i was thinking a double firewall would be
> more secure than a single firewall box...
> 
> tx in advance guys...
> i'm just trying to save him a ton of money here while making it safe for his
> employees to get on the net...
> 
> RDWestSr

My guess is you are going to have to pay to get that sort of support. 
I'd typically charge anywhere from $300-$500 on the side to set
something like that up on a Saturday.  Get a copy of ORA's building
Internet Firewalls, and take a look at the handbook and man page for
ipfw.

Josh




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1029964281.226.6.camel>