I've got a Solaris box acting as a gateway here (finally got it up).
When firewalling the box off, can I treat each interface as its own, or
will I need to do something special for the setup due to me also NATting
with this?
I've got:
le0 => internet
le1 => LAN
le2 => Wireless AP (currently left down)
Ideally, le2 is trusted, it's all open; le2 is locked down to the VPN
tunnel port (you log in to a VPN run from the gateway, which will then
tunnel all your connections to the net), and le1 faces the internet. Can
I just write rules for each interface and be done with it? Or do I need
to specially craft rules coming from my internal LAN to the internet
(and back), or will NAT intelligently handle this? Or is this
accomplished from the keep state?