Date: Tue, 11 May 2004 12:31:57 -0500
From: Bryan Cassidy <b_cassidy@bellsouth.net>
To: freebsd-questions@freebsd.org
Subject: Re: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS
Message-ID: <20040511173157.GA82076@bellsouth.net>
In-Reply-To: <020f01c43718$98959860$0201a8c0@dredster>
References: <20040511052016.GA23553@bellsouth.net> <020f01c43718$98959860$0201a8c0@dredster>

Sounds good to me but I'm still confused about how I need to set this up
hardware wise. The link at freebsddiary sounds good to start with I guess.
I don't know if I need any extra hardware either. I have at the moment
2 NICs and 2 crossover cables. Do I need more? Do I keep the NIC in this
machine or do I move it to the machine that will be acting as a
firewall/router/gateway? How do I set this up? Still confused on this part.

On Tue, May 11, 2004 at 12:26:59AM -0500, Micheal Patterson wrote:
>
> ----- Original Message -----
> From: "Bryan Cassidy" <b_cassidy@bellsouth.net>
> To: <freebsd-questions@freebsd.org>
> Sent: Tuesday, May 11, 2004 12:20 AM
> Subject: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS
>
>
> > Hello. I am currently running FreeBSD 4.9-RELEASE p-7. I am pretty
> > comfortable with FreeBSD for the most part and really enjoy using it on a
> > day to day basis. These are my thoughts. I have an older NEC PC that I would
> > like to put to some use. First off I don't know if I need any 'extra'
> > hardware. I have now 1 DSL modem (dhcp - could get static, is it worth
> > getting?), 3 NICs, and 2 cables to connect the ethernet cards. I have just
> > been reading up on Firewalls on FreeBSD using ipfw. I would basically like
> > to do the following. I want to install OpenBSD 3.5 or Possibly one of the
> > FreeBSD 4.x, 5.x, 4-stable, current or whatever. Which would you all
> > recommend using in this situation? I want to continue to use my nice newer,
> > much faster computer to do all configurations to the system, updates,
> > installing software, running apache, configuring firewall, etc. etc. etc.
> > via ssh (good choice?) to the other/older box. Would really appreciate some
> > insight on this topic. Networking/Security is becoming very interesting to
> > me. Thanks. Don't forget, do I need any 'extra' hardware?
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe@freebsd.org"
> >
>
> I can't speak for anyone else but myself, but here's my opinion on this.
>
> If you have an older box, you'll need 2 nics. One (external / serial
> interface) to the dsl modem (crossover cable), one to the lan side. If this
> is also to a PC, you'll need another crossover cable. If the old NEC is a
> 486 with at least 32 mb ram, that should be all you'll need hardware wise as
> long as it's got a couple of gig for drive space. If you want to enable full
> firewall logging, you'll need more disk space for that of course. What I'd
> recommend doing in your situation, is the same as I have here at home. Have
> the bsd box (I prefer freebsd myself) connect to your provider and pull the
> ip on the serial interface, then assign a private ip to the internal nic and
> to the systems behind it on the lan. Then on the bsd box, enable nat and the
> first rule of your firewall will be a divert rule to pass everything to NAT.
>
> For more info on this and its configuration, check out
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html
>
> or
>
> http://www.freebsddiary.org/ipfw.php
>
> If you're still wanting more info, then I'd recommend a google search for
> freebsd natd and / or freebsd ipfw to get a lot of good and useful info.
>
> Hope it helps.
> --
>
> Micheal Patterson
> TSG Network Administration
> 405-917-0600
>
> Confidentiality Notice: This e-mail message, including any attachments, is
> for the sole use of the intended recipient(s) and may contain confidential
> and privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
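
The setup described in the quoted reply (external NIC pulling its address from the provider, a private address on the internal NIC, natd enabled, and a divert rule as the first firewall rule), written out as an added example that is not part of the thread or of the FreeBSD documentation. The interface names fxp0/fxp1, the 192.168.1.1/24 LAN address, and the stateless rules that follow the divert rule are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: fxp0 = NIC to the DSL
# modem, fxp1 = NIC to the LAN, 192.168.1.1/24 = the gateway's private address.
# A FreeBSD 4.x kernel needs "options IPFIREWALL" and "options IPDIVERT";
# the "log" keyword records nothing without "options IPFIREWALL_VERBOSE".

# /etc/rc.conf lines. $1 = external NIC, $2 = internal NIC, $3 = LAN address.
rc_conf_fragment() {
    cat <<EOF
ifconfig_$1="DHCP"
ifconfig_$2="inet $3 netmask 255.255.255.0"
gateway_enable="YES"
natd_enable="YES"
natd_interface="$1"
natd_flags="-dynamic"
firewall_enable="YES"
firewall_type="/etc/ipfw.rules"
EOF
}

# /etc/ipfw.rules in ipfw's rule-file format (no leading "ipfw").
# Stateless filtering; $1 = external NIC, $2 = internal NIC.
ipfw_ruleset() {
    cat <<EOF
# NAT first: everything crossing the external NIC goes through natd
add 00050 divert natd ip from any to any via $1
add 00100 allow ip from any to any via lo0
# The LAN side is trusted, including ssh to the gateway itself
add 00200 allow ip from any to any via $2
# TCP: connections may only be opened from the inside
add 00300 allow tcp from any to any established
add 00310 allow tcp from any to any out xmit $1 setup
# UDP out, plus DNS and DHCP replies back in
add 00320 allow udp from any to any out xmit $1
add 00330 allow udp from any 53 to any in recv $1
add 00340 allow udp from any 67 to any 68 in recv $1
# ICMP out; echo reply, unreachable and time exceeded back in
add 00350 allow icmp from any to any out xmit $1
add 00360 allow icmp from any to any in recv $1 icmptypes 0,3,11
# Everything else is dropped and logged
add 65000 deny log ip from any to any
EOF
}

rc_conf_fragment fxp0 fxp1 192.168.1.1
ipfw_ruleset fxp0 fxp1
```

Machines on the LAN then use 192.168.1.1 as their default gateway. The UDP rule for source port 53 is the usual weak spot of a stateless rule set, since anything sent from that port is let in.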