On Mon, 2002-12-16 at 17:17, Andy Elacion, Jr. wrote: > Goody day. > > I set-up a firewall in our office, it has has 2 NIC. I remove the daemon > that I do not need, basically, it's a plain linux installation. > > The network configuration is, eth0 is facing internet and eth1 is facing > secured network. My question is this: > > How do I forward web packe to our secured web server from Fwall using > ipchains?
Take a look at shorewall: http://www.shorewall.net No GUI required. I run it on a small network here (less than 10 users) on a Pentium 100 with 48MB RAM (Redhat 7.2) so we can all share a single DSL connection. Easy to setup (by editing text files in /etc/shorewall) and works flawlessly. Forwarding a particular port to another server is a one line change. However, that being said, you are about to commit a huge security snafu (If I am understanding your setup). Do not set up a web server inside your network that is visible to the Internet. Put the web server in a DMZ. If the web server gets hacked and it's on your internal network, the intruder suddenly has an open route to every PC on your LAN. -- Cliff Wells, Software Engineer Logiplex Corporation (www.logiplex.net) (503) 978-6726 x308 (800) 735-0555 x308
signature.asc
Description: This is a digitally signed message part