Date: Tue, 21 Apr 1998 13:00:59 -0700 (PDT) From: Doug White <dwhite@gdi.uoregon.edu> To: Mike Grommet <mgrommet@insolwwb.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: I need guidance with a installation... Message-ID: <Pine.BSF.3.96.980421125857.4074d-100000@gdi.uoregon.edu> In-Reply-To: <002501bd6d8e$03f651e0$02941fce@work1.insolwwb.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 21 Apr 1998, Mike Grommet wrote: > Hi guys... I need some advice.... > I have been put in charge of an installation of a server running freebsd > that will act as a mail server > and an internet web server, plus dns for a large factory office. The actual > web server setup and mail setup is simple and I feel pretty confident there > but I need advice as to whether or not I have this thing figured right... ok. > Heres the plan... please point out any flaws... > I am planning on setting up the in-house network on a non-internet class C , > like 192.0.2.* > and will set up the unix box on an internet class ip number say, > 206.31.148.99 or somesuch... > > Now I want to have the 192.0.2.* machines to be able to surf the net and > receive email and perform other > net capacitities, I would assume through some sort of proxy service... this > is possible right? sounds like a job for natd. > Now about firewalls... I've never set one up so I am a lot fuzzy here... > The first question is do I even need a firewall since the ip's on the > 192.0.2.* network are not > internet accessible... If I should go ahead and set up a firewall, do you > guys suggest one at the router level? On the natd box. > or is it possible to run one on the same machine that will be acting as a > dns server, mail server and web server? I think so, although it's good design practice to separate this. There are several ways of setting this up; go buy a good Internet security book. > Heres a hypothetical question for you... > if I set up a firewall on a machine and the network behind it is on > internetable IP's, how do I govern all traffic coming into the network... > the configuration I have in mind is: > basically traffic comes from the router, into a hub and on the network from > there... how do I make it so that all traffic goes into the actual firewall > machine? PUt the filter between the router and the hub, put two ethernet cards in it, run ipfw and route packets between the interfaces. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980421125857.4074d-100000>