/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hi, Never posted here before, so hope I do it correctly. I am working with the Trinity OS firewall rule set 3.81. Excellent. A firewall book (ISBN 1-56592-871-7) suggests a perimeter network for better security from attacks on web and mail servers and for stronger protection internal network from hacked web or mail servers. A small network (DMZ?) placed in front of internal firewall is, mostly, protected by outer firewall except for port forwarding through to web and mail servers. Is it possible to place a network between 2 masked machines? For example: Internal mask machine protects internal network and allows no port forwarding backwards through it. Internal address is 192.168.0.1. Address on perimeter network is 172.16.0.5. Web server, mail server, etc are located on 172.16.0.0 perimeter network. External mask machine protects perimeter network and internal network but allows port forwarding to perimeter network (172.16.0.0) back to web and mail servers from Internet. Perimeter network address is 172.16.0.1 and public address is 123.123.123.123. Thank you, in advance, for your help. Mark Mark's Communications Support, Inc. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
