Yes, you can do this with Debian. You can probably even do it with Coyote, though I haven't used it myself so cannot be sure of that; but it is a standard configuration for real LRP systems (Coyote forked from LRP so long ago that it really is quite separate by now). If you check any of the main LRP sites -- leaf.sourceforge.net, www.linuxrouter.com, and lrp.c0wz.com are the important starting points -- you'll find instructions and semi-customized floppy images pretty readily.
You do need 3 NICs to do this safely, BTW; Cory's reply omitted the one that the DSL router connects to (at least here in PacBell territory). Sometimes people fake DMZs with IP aliasing on the internal NIC, but doing it this way defeats the security purpose of having a DMZ. Your biggest problem will be not NAT -- that's handled very conventionally by ipmasqadm -- but the fact that you have a dynamic IP address (I assume you mean PPPoE assigned, the current system common for cheap PacBell service). You'll need to use a service that provides dynamic DNS to resolve it. There used to be several sites that offered this for free, at least for DHCP-assigned dynamic addresses, but I don't know if that's gone the way of many another erstwhile freebie (does anyone else know?). At 10:16 PM 5/10/01 -0700, Kirk Schroeder wrote: > >Hello Debian People: >I was wondering if I can do this with Debian. I have a small LAN at home >that consist of several computers hooked up to the Inet with DSL. I am >currently using coyote linux LRP as my NAT/firewall. I want to run a web >server and I don't feel like letting port 80 into my private LAN, maby I >am paranoid :) My firewall computer is an 486/133MHZ with 32 megs of ram >it has 2 pci NICS in it. Can I add a third NIC and set this up as a DMZ >to my web server? Also I need to use NAT as I only have one dynamic IP >address. I would like to know how to do this or point me in the right >direction to find info. -- ------------------------------------"Never tell me the odds!"--- Ray Olszewski -- Han Solo Palo Alto, CA [EMAIL PROTECTED] ----------------------------------------------------------------
