Greetings, I am facing a problem in setting up my gateway so I am asking for help. Let me describe me my setup.
My ISP gateway is *.*.144.49. I am assigned a few static IPS.
*.*.144.54
*.*.147.229
*.*.147.230
I would like to set up a FreeBSD packet filtering gateway. I have currently
laid out my network as:
------------ --------------
-------------
| | | |
| |
| ISP |*.*.144.49 | FreeBSD Box |*.*.147.229
| Linux |
| GATEWAY |-----------------------| |-----------------------|
NAT |
| | *.*.144.54| |
*.*.147.230| |
------------- ---------------
-------------
| 172.16.0.1
|
|
|
|172.16.0.200
--------------
| |
| LAN |
| Host |
| |
| |
---------------
My rc.conf looks like:
ifconfig_fxp0="inet 61.95.147.118 netmask 255.255.255.252"
ifconfig_sis0="inet 61.95.147.229 netmask 255.255.255.252"
ifconfig_sis0_alias0="inet 172.16.0.2 netmask 255.255.0.0"
gateway_enable="YES"
routed_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
arpproxy_all="YES" # replaces obsolete kernel option
ARP_PROXYALL.
firewall_script="/etc/rc.firewall" # Which script to run to set up the
firewall
ip_portrange_first="10000" # Set first dynamically allocated port
ip_portrange_last="20000" # Set last dynamically allocated port
tcp_drop_synfin="YES" # Set to YES to drop TCP packets with
SYN+FIN
icmp_drop_redirect="YES" # Set to YES to ignore ICMP REDIRECT
packets
I have still not configured the firewall. I would be highly obliged if
anyone helps me by telling what are the things I am missing out? Another
point to be taken care of is, a couple of systems inside the LAN are having
a public IP. For example one of the host is having an IP of *.*.144.82. I am
not allowed to mess with the Linux NAT box in any way because of some
preinstalled commercial software solutions. However I can change the IPs of
the NAT box if necessary. Please help me out.
Thanks and Best Regards
Subhro
smime.p7s
Description: S/MIME cryptographic signature
