-----------Haim Ashkenazi wrote: > On Sat, 22 Mar 2003 06:24:02 -0300 > Eduardo Rocha Costa <[EMAIL PROTECTED]> wrote: > > > Hi, first of all sorry my poor English I'll try my best. > > > > I have the following scheme in my lab: > > > > INTERNET --- firewall --- local network > > > > I have real ip's for all computers in the lab, so I don't need nat, > > but I don't know how to set this and can't find any documentation > > how to build a firewall for that. So I did a local network > > with private ip's (10.0....). > > This was not a problem since we can do all things normally. > > But now, some problems are appearing, we build two web server and one > > file server. And now the main router of the university is routing the > > real ip address of the web services through my firewall and I don't > > know how to set this things, to the web server and the file server can > > be seen on the INTERNET. > > Can some one help? Or point to some good documentation > > By the way, we want the servers to have the real ip's and > > the others private ip's. > > > > Thank you > > > > > > -- > > Eduardo Rocha Costa > > [EMAIL PROTECTED] > Hi > > iptables is not easy to understand. that's where some front-ends come to > your aid. I suggest using shorewall (apt-get install shorewall). it's > decently documented and comes with examples. you should divide your > network to zones (internet, local, dmz, lab, etc...) set them in the > "zones" file and create the policy and rules. also masquerading and nat > are very easy to configure with shorewall. > Thanks for the advice, shorewall is very good... only 4 hours and I make the configuration !!
> > Bye > -- > Haim > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Eduardo Rocha Costa [EMAIL PROTECTED]
