I am an ISP with dial-up, wireless, hosting and all things that go along with being an ISP. I have been using Dachstein as a proxy-arp firewall for several months now and it works great. On the proxy-arp I have eth0 for the connection to the internet. I am using eth2 for proxy-arp for everything else. Also have been using Dachstein for a DMZ firewall for customers for a couple of years. Thanks Charles!!
My servers are currently on the same network as my dial-up and wireless users. The main reason for the firewall was to block out the worms, pings, and hacking attempts coming from the internet. I am still open to local users, but in addition to Dachstein I do use the firewalls(ipchains, and iptables) on the linux boxes.
I am in the process of switching providers and as such having to change all my IP addresses over with the new provider. I would like to take this time to do things the "right" way. Currently everything is all on one subnet and I want to re-arrange IP addresses and subnets on machines to reflect the different machine functions. i.e. Servers all in one subnet, dial-up IP's in a separate subnet, wireless another, etc... I want to protect my servers not only from the outside, but from the inside as well. And I want to still protect my dial-up and wireless customers from the outside with the firewall.
I also want to be able to provide a transparent proxy with squid. Not sure if this can or if it should be done with the same firewall or if it will require a second box for the transparent redirect.
I'm sure Bering-uClibc is probably the way to go.
I would like to hear from some of the great minds out here as to your suggestions for doing these things as an ISP.
Thanks very much,
LaRoy
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
