On Wed, 7 Mar 2007, John Andersen wrote:
> On Tuesday 06 March 2007, Jon Clausen wrote:
> > I'm by no means an iptables authority, and I'll probably never become one
> > either.
>
> But Tom Eastep (Shorewall author) is. The guy is a wizard, and really knows
> his stuff. I've been using shorewall for years on Suse and now also on
> Kubuntu.
>
> What ever you do READ the QUICK START GUIDES. It will save
> so much time.
>
> Every site I maintain does egress filtering with Shorewall. Especially
> for port 25.
Could I get a sample of some of your configs? My main problem is as such.
I have SuSEfirewall working but complains from yast I would like to look
at shorewall, but I have not gotten configs correct.
I have a Class C network and all machine I want visiable to the world are
one it. I also have part of an other Class C that I share with others.
So I have a machine with three network cards as my router/firewall. Here
is a diagram that shows network. Most machines have two NIC's public and
private.
Internet Internet
| |
| X.X.X.X Partial Class C | Download Dynamic IP
| Y.Y.Y.Y Full Class C |__
| |
| System System |
| shared shared | DHCP IP
| storage storage |
--------- --------- --------- ---------
| | | | | | | |
| |---+ | | | | | |
| 1 | |P | 2 | | 3 | | 4 |
| | |B | | | | | |
| | | | | | | | |
| | |I | | | | | |
--------- |P --------- --------- ---------
| | | | |
| --------- | | |
| | HUB/ |-----------------+----------------+----
| | Switch| | | | |
| --------- | | | |
| | | Other Systems
| 192.168.x.x | | Unix/Linux
| | |
| & MS Machines | | MS Masquarded
---------- --------- --------- ---------
| HUB/ |-+ | | | | | |
| Switch | | | | | | | |
---------- | | 5 | | 6 | | 7 |...
+----| | | | | |
| | | | | | |
| --------- --------- ---------
+--------|---------------|---------------|
--
Boyd Gerber <[EMAIL PROTECTED]>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
