No point in having an external firewall if you have an internal wireless (open) network for anyone who wants to use it. You might as well hang a network cable out your window for anyone to use.
On Tue, 21 Oct 2003 11:04:12 -0500, red Sent a mail to Ken Gilmour stating the following: >All, This may have come up a billion times in the past but, I am >setting up a FW �and I have some basic questions: > >Setup 1:(idea at least) > >�Public ip 64.1.1.x � � � � � � � � � � � � � � � � � � � � �DMZ HOST >(ports80,993,143,53) >upstream 64.1.1. � � � � �� � � � � � � � �/ (internet)---DSLmodem- >---(64.x)FW(2.x)--HUB/ � � � � � � � � � � � � � � � � � � � � \� � � � � � >1.1.1.0/24 >\Linksys(Wireless router) � � � � � � � � � � � � � � � � � � � � � \ � � � � >\ � �� � � � �� � � � � � � � � � � � � � � � � � � � � �\ � � � � � � �\ >��workstation, workstation > > >I have 5 static ips Im using a p400 with two nics (deb woody) > >Goals: I want to do Packet Filtering and logging for the DMZ and the >workstations: > >Questions: 1) Do I need three Nics on the Firewall , one for the >DMZ? >2) In the drawing above I am running DHCP on the LAN with the >Linksys Wireless router. Should I run DHCP on the LAN interface on >the FW instead? What would be the benefits/drawbacks? >3) If the WAN interface in the router is a 64.1.1.x and the LAN >interface is a 2.x.x.x/24 will i be able to route the 1.1.1.x/24 and >DMZ host through the FW? >4) I want to use Iptables because I heard they are more advanced >than ipchains is this true? >5) I am somewhat familiar with the command line IPtables commands, >but was curious at to what other (non gui) tools I could use to >write rules.? > > > >Thanks In advance -red > > > >
