Dan, I know there are quite a few folks here who think that any OS outside of OpenBSD is just begging to be cracked, but frankly I'm pretty satisfied with my Debian box, running exactly the config you're talking about. It's been doing so for at least 3 years now, and no problems. I could share my (underlying) iptables rule set with you, if you like. It's rather easy once you have the framework down, in my experience. I set mine up using an article in Linux Magazine as a reference, and their sample config as a basis for my own rules.
Let me know if you would like to see my iptables rules. My experiences with *BSD have been (much) less than satisfying, so if you have similar experiences, and wish to turn back, I'd be happy to help you get this up and running under Linux. Regards, Ben Pitzer --------------------------------------------- "Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." --Ben Franklin-- > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Dan Monjar > Sent: Monday, December 20, 2004 8:55 AM > To: TriLug > Subject: [TriLUG] using a Linux box as a pass-through filter > > > An idea I had late last night while I listened to the wind howl... would > it be possible to setup a Linux box with two nics and use various > firewall rules to filter traffic and ports... the possible gotcha is > that I don't want either nic to have an IP address. I want to take > traffic in on one port, analyze and drop unwanted packets and then push > the acceptable traffic out through the other nic. > > I want an in-line filter... > > I wish everyone on the list a Happy and Safe Holiday season. > -- > Dan Monjar > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc > > -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
