On Wed, Jun 02, 2004 at 03:55:59PM -0400, Mike M wrote:
>
> It's the extra functionality I need/want. I want to pin-prick the
> firewall to allow a particular IP to come through. I want to
> further restrict the access to SSH activity on a particular machine on
> my LAN.

That sounds like how I have run my firewall machine for quite some time. First under Linux and now (recently) OpenBSD.

I have rules on the firewall that say that all SSH traffic goes to one machine, HTTPS traffic to another, IMAPS traffic to another and incoming SMTP to another. (Actually there aren't quite that many individual machines, but you get the idea.)

The only way to get in to the firewall machine itself is from inside.

Have fun!

Brian

--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
