In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>I have 5 static ips
>I'm using a p400 with two nics (deb woody)

>Goals:
>I want to do Packet Filtering and logging for the DMZ and the
>workstations:

See http://www.blars.org/sapaf.html for one way of putting your dmz hosts behind the firewall without needing a separate subnet (with different IPs) for them.

>Questions:
>1) Do I need three Nics on the Firewall, one for the DMZ?

It's a good idea, but not strictly needed. You don't need the hub when doing this. (Use crossover cables.)

>3) If the WAN interface in the router is a 64.1.1.x and the LAN
>interface is a 2.x.x.x/24 will I be able to route the 1.1.1.x/24 and DMZ
>host through the FW?

Sure, just to NAT on one segment.

>4) I want to use Iptables because I heard they are more advanced than
>ipchains is this true?

Yup.

--
Blars Blarson [EMAIL PROTECTED]
http://www.blars.org/blars.html
With Microsoft, failure is not an option. It is a standard feature.

