Hi All, If some kind soul could help, I'd appreciate it. :-) The HOWTO instructions don't seem to work correctly (but more than likely, my lack of understanding is at fault), so I plea for help. :-)
THE MACHINES: The firewall machine is running that latest Debian. Aside from a few default things, I've configured the dummy net driver, installed ipchains, and have two NICs in it. I can ping the Internet and the protected machine just fine -- the NICs auto-configured once I picked a suitable (?!) driver. I can ping the firewall from without and within (using the appropriate IP addresses). The external interface has an IP address on our network -- the internal one has 192.168.2.3 (which I read is one of those private network addresses). The protected machine is running Solaris 2.5.1 (possible to be upgraded to 2.6). It has another 'private' IP address, 192.168.2.2. (Using those private network numbers seemed like a good idea for security reasons.) It can ping the IP address of the firewall, but nothing else. THE PLAN; A few fortunate souls should be able to reach the protected machine via WWW (port 80, the default) from the Internet. Also, a few machine on our local network should be able to reach the protected machine on several different ports (including 80). HOW TO DO IT?! The commands in the HOWTO didn't appear to work. I tried installing ipchains and using that + ipportfw, but ipchains didn't like the commands I was giving it (tho' I got them from someone on this list, methinks. I can give more details about what's configured how, and what I want to do, but I'm really at a loss as to how I'm supposed to do this stuff. The HOWTO made it sound like I could use private network addresses or not, as I chose, but ipportfw almost seems like a requirement in that case (versus plain old IP forwarding), else how do the external machines reach the 'hidden' one? I think part of my problem may be how the 'hidden' machine's configured (default router, domain, etc.), but the HOWTO didn't really cover that. . . . Thanks in advance!!! Kendall P. Bullen