From: "Micheal Patterson"
To: "Bryan Cassidy"
Date: Tue, 11 May 2004 00:26:59 -0500
Subject: Re: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS

----- Original Message -----
From: "Bryan Cassidy"
Sent: Tuesday, May 11, 2004 12:20 AM
Subject: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS

> Hello. I am currently running FreeBSD 4.9-RELEASE p-7. I am pretty comfortable with FreeBSD for the most part and really enjoy using it on a day to day basis. These are my thoughts. I have an older NEC PC that I would like to put to some use.
> First off I don't know if I need any 'extra' hardware. I have now 1 DSL modem (dhcp - could get static, is it worth getting?), 3 NICs, and 2 cables to connect the ethernet cards. I have just been reading up on Firewalls on FreeBSD using ipfw. I would basically like to do the following. I want to install OpenBSD 3.5 or possibly one of the FreeBSD 4.x, 5.x, 4-stable, current or whatever. Which would you all recommend using in this situation? I want to continue to use my nice newer, much faster computer to do all configurations to the system, updates, installing software, running apache, configuring firewall, etc. etc. etc. via ssh (good choice?) to the other/older box. Would really appreciate some insight on this topic. Networking/Security is becoming very interesting to me. Thanks. Don't forget, do I need any 'extra' hardware?

I can't speak for anyone else but myself, but here's my opinion on this. If you have an older box, you'll need 2 nics. One (external / serial interface) to the dsl modem (crossover cable), one to the lan side. If this is also to a PC, you'll need another crossover cable. If the old NEC is a 486 with at least 32 mb ram, that should be all you'll need hardware wise as long as it's got a couple of gig for drive space. If you want to enable full firewall logging, you'll need more disk space for that of course.

What I'd recommend doing in your situation, is the same as I have here at home. Have the bsd box (I prefer freebsd myself) connect to your provider and pull the ip on the serial interface, then assign a private ip to the internal nic and to the systems behind it on the lan. Then on the bsd box, enable nat and the first rule of your firewall will be a divert rule to pass everything to NAT.
For more info on this and its configuration, check out http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html or http://www.freebsddiary.org/ipfw.php

If you're still wanting more info, then I'd recommend a google search for freebsd natd and / or freebsd ipfw to get a lot of good and useful info.

Hope it helps.

--
Micheal Patterson
TSG Network Administration
405-917-0600
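
Added example, not part of the original message or thread: one way the setup described in the reply could look on FreeBSD 4.x, as /etc/rc.conf settings plus an ipfw ruleset file whose first rule diverts all traffic on the external NIC to natd. The interface names (xl0 external, xl1 internal), the 192.168.1.0/24 LAN and the /etc/ipfw.rules path are assumptions.

```conf
# --- /etc/rc.conf (gateway box) ---
# Kernel must be built with: options IPFIREWALL and options IPDIVERT
gateway_enable="YES"              # route between the two NICs
ifconfig_xl0="DHCP"               # external NIC: address from the DSL provider
ifconfig_xl1="inet 192.168.1.1 netmask 255.255.255.0"   # internal NIC (assumed LAN)
natd_enable="YES"
natd_interface="xl0"
natd_flags="-dynamic"             # follow the address when the DHCP lease changes
firewall_enable="YES"
firewall_type="/etc/ipfw.rules"   # assumed path; rules file loaded at boot
firewall_logging="YES"
sshd_enable="YES"                 # administration over ssh from the LAN

# --- /etc/ipfw.rules ---
# First rule: hand everything crossing the external NIC to natd
add 00050 divert natd ip from any to any via xl0
add 00100 allow ip from any to any via lo0
add 00200 deny ip from any to 127.0.0.0/8
# LAN source addresses must never arrive on the external NIC
add 00300 deny ip from 192.168.1.0/24 to any in via xl0
# Replies to TCP connections opened from inside
add 01000 allow tcp from any to any established
# LAN hosts may reach the gateway (ssh) and the Internet
add 01100 allow ip from 192.168.1.0/24 to any in via xl1
add 01200 allow ip from any to any out via xl1
add 01300 allow ip from any to any out via xl0
# Stateless allowances for DNS replies, DHCP lease traffic, ICMP replies/errors
add 01400 allow udp from any 53 to any in via xl0
add 01500 allow udp from any 67 to any 68 in via xl0
add 01600 allow icmp from any to any in via xl0 icmptypes 0,3,11
# Everything else, including new inbound connections to sshd, is dropped and logged
add 65000 deny log ip from any to any
```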