run dhcpd on ethernet 1, and allow it to manage the ip addresses on your
internal network. Configure DHCP to give out private IP addresses
(192.168.x.x) or (10.x.x.x)
depending on your network's needs you can either:
1. run squid on your firewall server, and configure IP chains to redirect
HTTP requests to the squid server
2. don't run ipchains redirect, and force them to configure the proxy
settings themselves.
3. run IP MASQ for all connections including HTTP (very poor choice)
Having a private ip address network creates a natural firewall, as the
public net will have no way of accessing machines on your private network.
Of course you should secure your gateway box, and that means upgrading
most critical packages if your distro is old.
On Mon, 30 Apr 2001, Ina Patricia Lopez wrote:
> router(s0)-------->myISP
> (e0)
> |
> |
> (eth1)linux(eth0)
> |
> |
> +---------------+----------+---------------+--------------+
> | | | | |
> srv1 svr2 svr3 svr4 svr5
>
>
> i have /27, and i want to put a linux firewall with 2 ethernet ports.
> how do i assign my ip addresses?
>
>
> thanx,
> ina
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
