like Greg(ory) says, knowing the volume is important -- or at least tell us what kind of connection you have to your ISP -- dial up ;-), DSL, ISDN, Cable, T1, T3. If DSL or Cable, do you know what kind of uplink and downlink bandwidth you are allowed (or use)?
Randy Kramer On Wednesday 05 March 2003 12:14 pm, Gregory Wood wrote: > You didn't mention volume. Also, public address and firewall seems to > be a contridiction. > > If the volume is small, many of the $100 USD firewall boxes will > work. There will be some work redirecting IP through the firewall. > > If the volume is higher or you just want a linux box then: > www.linuxrouter.org -- linux router project. > > It maybe that you can port scan your network and turn off everything > but what you really want on. > > Best of luck. > > > -----Original Message----- > From: Burner [mailto:[EMAIL PROTECTED] > Sent: Wednesday, March 05, 2003 10:21 AM > To: [EMAIL PROTECTED] > Subject: Routing with Linux > > > Hi > > My boos just asked me to build a Linux firewall to protect our > servers, we have about 20 servers, all configured with only the > public (internet) IP, and > connected through a switch directly to our IPS's router. > I've only build firewalls for small lan networks using NAT with > iptables/ipchains. > > I've read some iptables and iproute2 howtos, but i realy do not know > where to > begin, i dont even know if the hardware will be sufficient. P3/800 > 128Mb ram and two good NIC's. > > We don't need any advanced routing like bandwith balancing etc. I > just need to block most ports from public access and allow the > servers (win) to update from the internet. > > I would like to keep the public IP addresses on the servers if > possible. > > Maybe i should configure the linux router with all the external IP's > on one NIC, and give the protected servers local IP addresses. then > NAT the public IP/ports to the servers using iptables, this is a way > to do it, but is it i good way? > > I would be happy to recive any hints from someone who has done > anything like this before. > > //Burner -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
