the other neat thing about this setup is that it can be *very* minimalistic. the box that jon referenced is using a 1gb disk with 70% free space, 32mb ram w/ 20mb free and 6 runnng processes.
management is also different from most linux setups. since it has no IP addresses on either interface, you can't ssh to it. instead, you ssh to another host and run minicom which communicates with the firewall via a serial port. this particular hardware has the ability to direct the bios display to a serial port, so you can actually see the bootup info and even change bios options remotely. pretty slick :-) props to aaron joyner who helped with the setup and configuration of this particular device. jason On Saturday 01 May 2004 19:35, Jon Carnes wrote: > Jason Tower showed me a neat trick the other day - using OpenBSD to > insert a Firewall/packet filter transparently into an existing > network. > > The firewall uses no ip addresses and sits between the router and the > companies external switch. The external switch has various boxen > attached - each of which uses an external IP address. All the > external IP addresses are in use, so the firewall/packet filter had > to be inserted without using any additional IP's. > > This does the trick rather nicely: > http://www.openbsd.org/faq/faq6.html#Bridge > > Enjoy! -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
