Re: Firewall

Tue, 30 Jan 2001 15:16:45 -0600 

On Tue, Jan 30, 2001 at 11:44:29AM -0500, [EMAIL PROTECTED] wrote:
> I have some questions about building a firewall.  I currently have a cable 
> modem connection which of course gives me a static IP address.  If I was to 
> build a firewall using a old 486 could I still assign my Debian box the 
> static IP address as it is needed for my server which I use for 
> hosting.  Or would the 486 use the static IP and assign the Debian box a 
> private IP address?  Also I know there are many firewall how to's out there 
> but would appreciate any recommendations.

if you're using debian for your firewall:

        apt-get install ipmasq

here's the setup:

        +----------+ ] eth0 = your.ip.number --> internet
        |  debian  |
        | firewall |
        +----------+ ] eth1 = 192.168.1.1    --> +-----+
                                             --> |     |
                       box1 = 192.168.1.39   --> | hub |
                                             --> |     |
                                   boxn = 192.168.1.215  --> +-----+

edit /etc/network/interfaces to mirror your configuration:

        # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

        # The loopback interface
        iface lo inet loopback

        iface eth1 inet static
                address 192.168.1.1
                netmask 255.255.255.0
                network 192.168.1.0
                broadcast 192.168.1.255
                # other localnet addrs can be anything in
                # the 192.168.1.[2-254] range

        # if your address isn't static, do this:
        #       iface eth0 inet dhcp
        iface eth0 inet static
                address YOUR.REAL.IP.NUMBER
                netmask 255.255.255.0
                network YOUR.REAL.IP.0
                broadcast YOUR.REAL.IP.255
                gateway YOUR.UPSTREAM.NET.NUMBER
                # for me, it's my cablemodem number
                # which is only 1 different from my
                # debian/internet address. yours might
                # just be your ISP server addr...

and then just

        ipmasq -v

to implement it.

i think. :) if this reformats your hard drive, gives your
neightbors shingles, or straightens out the earth's axis,
don't use it.

-- 
See, if you were allowed to keep the money, you wouldn't
create jobs with it. You'd throw it in the bushes or
something.  But the government will spend it, thereby
creating jobs.      -- Dave Barry

[EMAIL PROTECTED]    ***    http://www.dontUthink.com/

http://groups.yahoo.com/group/newbieDoc -- next week's
newbie needs your brain: document your experience today!

Reply via email to