Well, on the firewall, you will probably want 2 nics. One for
the internal network, one for the external network.

Otherwise, I'd use ipchains (and probably gfcc to admin it)
and masquerading. Masquerading has problems with certain protocols,
but there's ip_masq_* kernel modules to fix those problems for
the more popular protocols (ftp, real audio, quake/doom, ...)

Also, masquerading uses timeouts, so if you want to maintain a
mostly-idle connection to an external address, masquerading probably
won't be the best (although you could use ipmasqadm to "pierce" the
firewall for that one connection). Although, most ISPs don't have these
kinds of connections.

csmith wrote:
> 
> If you wanted to firewall a mixed OS environment with a Linux box of
> about 30 to 60 computers that had access to the outside world
> (internet) via a T1 line and router and switch, what would be your
> recommendation for the firewall program (IPChains or something
> else) and the hardware (use one NIC or two).
> I am trying to get a recommendation and I will then experiment with a
> couple of the group's ideas to see how they work in my situation. I am
> looking for ease of setup and minimal management necessary once set up.
> 
> Thanks for all opinions
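
The two-NIC ipchains masquerading setup recommended in the reply, as an added example that is not part of the original message. The interface name, LAN subnet and timeout values are assumptions; the script prints the commands by default and applies them only when run as root with APPLY=1 on a 2.2 kernel.

```shell
#!/bin/sh
# Added example: ipchains masquerading ruleset for a two-NIC firewall (Linux 2.2).
# Assumed values, not taken from the original message:
EXT_IF="eth0"               # NIC facing the router / T1 line
INT_NET="192.168.1.0/24"    # internal LAN behind the second NIC
TCP_IDLE=7200               # seconds an idle TCP masquerade entry is kept
TCPFIN_IDLE=10              # seconds kept after a FIN has been seen
UDP_IDLE=160                # seconds an idle UDP entry is kept
HELPERS="ip_masq_ftp ip_masq_raudio ip_masq_quake"

# Emit the commands in the order they should be applied.
masq_rules() {
    # Helper modules for protocols that carry addresses inside their payload
    for m in $HELPERS; do
        echo "modprobe $m"
    done
    # Default-deny forwarding, then masquerade only LAN traffic leaving EXT_IF
    echo "ipchains -P forward DENY"
    echo "ipchains -F forward"
    echo "ipchains -A forward -i $EXT_IF -s $INT_NET -j MASQ"
    # Masquerade timeouts (tcp, tcp-after-FIN, udp); mostly-idle connections
    # lose their mapping once the tcp value expires
    echo "ipchains -M -S $TCP_IDLE $TCPFIN_IDLE $UDP_IDLE"
    # Turn on forwarding last, once the policy is in place
    echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
}

# Print by default; apply only when explicitly asked (requires root)
if [ "${APPLY:-0}" = "1" ]; then
    masq_rules | sh -e
else
    masq_rules
fi
```

Review the printed commands before applying them; forwarding is enabled only after the DENY policy and the single MASQ rule are in place.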
