Ken Gilmour wrote:
No point in having an external firewall if you have an internal wireless (open) network for anyone who wants to use it. You might as well hang a network cable out your window for anyone to use.
On Tue, 21 Oct 2003 11:04:12 -0500, red Sent a mail to Ken Gilmour stating the following:
All, this may have come up a billion times in the past, but I am setting up a FW and I have some basic questions:
Setup 1: (idea at least)
Public ip 64.1.1.x DMZ HOST (ports80,993,143,53) upstream 64.1.1. / (internet)---DSLmodem- ---(64.x)FW(2.x)--HUB/ \ 1.1.1.0/24 \Linksys(Wireless router) \ \ \ \ workstation, workstation
I have 5 static IPs. I'm using a p400 with two NICs (deb woody).
Goals: I want to do packet filtering and logging for the DMZ and the workstations.
Questions:
1) Do I need three NICs on the firewall, one for the DMZ?
2) In the drawing above I am running DHCP on the LAN with the Linksys wireless router. Should I run DHCP on the LAN interface on the FW instead? What would be the benefits/drawbacks?
3) If the WAN interface in the router is a 64.1.1.x and the LAN interface is a 2.x.x.x/24, will I be able to route the 1.1.1.x/24 and DMZ host through the FW?
4) I want to use iptables because I heard they are more advanced than ipchains. Is this true?
5) I am somewhat familiar with the command-line iptables commands, but was curious as to what other (non-GUI) tools I could use to write rules?
Thanks In advance -red
-- -daniel http://www.debian-gnu.com

