On Sun, 11 Feb 2001, Drew Hunt wrote:
> I think separating the firewall and server functions into separate boxes is
> a good idea just for security, though the whole project could be run out of
> one box.
>
> Why the need for a proxy? Why not just use masquerading instead? see the
> MASQUERADING-HOWTO at your favorite linux docs depo, like linuxdoc.org.
> It's easy to setup and maintain through firewall rules.
>
There are several reasions to use a proxy. To conserve bandwith
(caching proxy like squid.), it limit access to the internet (Both to
specified users, and to block sites.) and to keep tract of usage are
applications that come to mind...
>
> Use ipchains for a firewall. Get a good script and modify it to your needs.
> See http://linux-firewall-tools.com/ and read his FAQ. Will also help you
> set up masq through ipchains.
>
> Run your DHCP, SAMBA, DNS, and other services from box 2. If you need the
> DNS to be accessible from the outside world, look into ipmasqadm for
> forwarding that port to box 2.
>
> Hope this helps.
> Drew
>
>
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
