there are not much gain in security with such (proposed) topology. Suggest you to play with a OpenBSD bridge/filtering box + the NAT box in Linux (or FreeBSD).
lan-->/masq box/-->/bridge/--->internet. look the original article here: http://www.daemonnews.org/200109/network.html I felt very enthusiasthic on such proposal. >my superior wants me to have a bastion host that sits in front of the >masq-box. > >LAN ---> MASQ-BOX----> BASTION ---> Internet sauda��es, irado furioso com tudo linux user 179402 deus � constru�do � imagem e semelhan�a do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui tamb�m: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
