Andrew McGlashan <andrew.mcglas...@affinityvision.com.au> wrote: > ... or .... is it the following ok? > >Firewalling, ala IPCop's port forwarding setup. > >That is, we have a firewall in IPCop (or similar) and outside access to ANY >internal machine is still restricted by what is port forwarded? If yes, then >I am sure that would be fine.
You can use ip6tables on the firewall to restrict access to the machines on the internal network as tightly as desired. For example, you could deny everything by default, then selectively allow established connections and incoming traffic for certain protocols. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/j15o4k$uc8$1...@dough.gmane.org