ktb wrote: > > [snipped] > > > > My question is, whether I really need two machines for this scenario, or > > whether one machine will do it, by blocking any and all > > outside-initiated traffic on the interface that is connected to the > > outside (except for SSH) and not bothering what's going on on the > > interface connected to the local net. > > > > It will work. I guess it depends on how intensive the machine is going > to be worked, what the specs of the computer are etc. > kent
Simple answer. I guess, I have to read up on netfilter then. (Which I should've done anyways.) Thanks, Viktor -- Viktor Rosenfeld WWW: http://www.informatik.hu-berlin.de/~rosenfel/ Geek Code (3.1): GCS/SS d-@ s+: a20 C++@ UL++$ P+ L+++ E--- W++ N++ o? K? !W O? M? V? PS++@ PE+(-) Y+ P?(+++) t+ 5+ X- R? !tv b+ DI+ D- G e>+++ h-- r- !y+