It is much easier to only connect 1 computer to the router to act as
the NAT/Firewall and route all internet traffic through that computer
by using 2 NICs.
Internet -- Router -- eth0-NAT/firewall-eth1 -- Switch
| |
| |
| |
Terminals Server
Instead of
Internet -- Router -- NAT/firewall
| |
| |
| |
Terminals Server
That way the Internet and your LAN can only see the firewall which is
much more secure. All you need to do is invest in a crappy old
computer to act as the Firewall (can be literally almost anything) and
a $100 switch (8 port 100 base-t).
>
> Tom, I agree with you. I decided to use the LTSP server as a
> NAT/Firewall server because my cable router didn't have enough ports
> to connect all my computers to it. In the end, I had to modify the
> Shorewall policy to accept ALL traffic from the LTSP LAN. I am,
> however, still interested to learn how to configure Shorewall to
> accommodate LTSP clients.
>
> Tom Brown <[EMAIL PROTECTED]> wrote:I know nothing about
> shorewall. What I do know is that (imho) you are
> better off placing the firewall on a separate machine between your
> router and your ltsp server. One of our volunteers at FREE GEEK
> MICHIANA has an LTSP server behind a firewall behind a cable modem.
> He (Goose) put his firewall-on-a-floppy on an old IBM PC 330 (P90,
> 32mb) with two nics. It works well.
>
> Tom
>
> At 11:14 AM 2/22/03 -0500, Conrad Lawes wrote:
>>I'm running LTSP on a multi-home server running Mandrake 9.0.
>>
>>configuration:
>>eth0 192.168.1.108 (external) connected to cable router.
>>eth1 192.168.0.1 (internal) LTSP LAN
>>
>>I installed and configured the shorewall firewall package and all
>> the LTSP clients fail to boot because TFTP traffic is being blocked
>> by shorewall.
>>
>>I assume that /etc/shorewall/rules & /etc/shorewall/policies files
>> must be updated to accept TFTP communication but my fiddling has
>> not worked thus far.
>>
>>Does anyone know how to correct this problem?
>>
>>TIA.
>>
>>
>>
>>
>>
>>
>>-------------------------------------------------------
>>This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
>> The most comprehensive and flexible code editor you can use.
>>Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day
>> Trial. www.slickedit.com/sourceforge
>>_____________________________________________________________________
>> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
>> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
>>For additional LTSP help, try #ltsp channel on irc.freenode.net
>>
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
> The most comprehensive and flexible code editor you can use.
> Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day
> Trial. www.slickedit.com/sourceforge
> _____________________________________________________________________
> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
> For additional LTSP help, try #ltsp channel on irc.freenode.net
>
>
>
>
> Conrad Lawes
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, and more
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
