I'm not sure what you need to read up on.... What I've told you is basically the "generic Linux" information. As stated, each distro either does or doesn't do sub-interfaces using their own GUI tools, but finding docs on that would be specific to your distro. I am not sure about WebMin. That might be a good way to do it and read about it if available.
As for your server, be sure you use IPChains or NetFilter (preferred) to secure that server. Allow only what's necessary from the outside and drop everything else. A quick Google search doesn't turn up anything immediately interesting about subinterfaces for Linux. Perhaps a good book? Subinterfaces can be used for one of two (At least two that I use them for) purposes: 1) To make one NIC talk on the same WIRE for multiple SUBNETs. This is good for firewalls on a stick or other situations where a "secondary" subnet exists on the same physical local network. This is typically used in Routing. 2) To make one NIC answer on the same WIRE for multiple IP address on the SAME SUBNET. This is typically used for virtual-web servers and things of that nature, as well as static NAT-ing on a NAT box so that the NAT box answers for those other IP addresses. *) I'm sure someone else will come up with another reason to use IP Subinterfaces... the beauty of Linux: Flexibility and Power. On Mon, 24 Jun 2002 09:46:49 -0500 "Michael Hipp" <[EMAIL PROTECTED]> wrote: > Correct. I'm trying to avoid turning this box into a firewall/router. > Especially since I already have the router (a LinkSys). The subinterface > > looks like the way to go. How best to read up on it? > > It's easy to tell the router to send inbound connection attempts to a > particular addr or port on the LAN (and nowhere else). That makes it > look like that one addr/port is on the Intenet but everything else > remains invisible (a necessity since they're all Win boxes). My hope is > to allow a few select secure connections (to this box only) for remote > admin & data access. > > Thankfully I don't need it working today. I've got a fair bit of > learnin' to do. > > Know anything about providing secure samba via SSH, VPN, ipSEC or > somesuch? > > Thanks, > Michael > > On Monday 24 June 2002 09:06 am, Matthew Carpenter wrote: > > I was under the impression that this was supposed to be a firewall > > box. My apologies. You probably want to do that using subinterfaces, > > although I'm not quite sure what it's gaining you. I assume that the > > NAT router is an appliance, like a LinkSys DSL router or somesuch, > > correct? You don't have the NAT Router allowing externally originated > > traffic to the server, do you? (This would require a static NAT or > > PAT of some sort on the NAT Router). > > > _______________________________________________ > Linux-users mailing list - > http://linux-sxs.org/mailman/listinfo/linux-users > Subscribe/Unsubscribe info, Archives,and Digests are located at the > above URL. _______________________________________________ Linux-users mailing list - http://linux-sxs.org/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
