> Just concerned about the firewall setup I suppose...  Not quite
> certain how to set it up to allow email in, web surfing in, and
> still protect my internal network.
>
> I REALLY don't understand how firewalling works and if I can
> keep everything on the same network yet protected.


The way it works on my setup is (yay, I get to do ASCII art!):

   (internet)
        |
        |
        | <---- this side only allows web, anonymous FTP,
  ------------            ssh, and SMTP/POP/IMAP-over-SSL
  | firewall |
  ------------
        | <---- this side allows everything; whatever
     -------     services I want for the internal network
     | hub |
     -------
      | | |
     /  |  \
(internal network)


The outside is firewalled using ipchains to disallow connections on all but
certain ports.  So, if I have, say, a samba server for filesharing installed
on the firewall, I can get at it from my internal network, but it's
unavailable from the internet.  Even though samba is listening for
connections, it will never see a connection on the outside network card
because the firewall runs at the kernel level.

--
Ben Reed ([EMAIL PROTECTED])
http://defiance.dyndns.org/
Fight the InterNIC!  http://www.opennic.unrated.net/
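
The setup described in the message above, written out as an ipchains rule set. This is an added example, not the poster's actual configuration. The interface names eth0/eth1 and the port list (20, 21, 22, 25, 80, 993, 995) are assumptions read off the diagram, and only the input chain is covered.

```shell
#!/bin/sh
# Added example (not the poster's configuration): ipchains input rules for
# the diagram above. Interface names and port numbers are assumptions.
EXT_IF="${EXT_IF:-eth0}"    # assumed: card facing the internet
INT_IF="${INT_IF:-eth1}"    # assumed: card facing the hub
# ftp-data (active mode), ftp, ssh, smtp, http, imaps, pop3s (assumed mapping)
EXT_TCP_PORTS="${EXT_TCP_PORTS:-20 21 22 25 80 993 995}"

# Print the rule set, one ipchains command per line.
emit_rules() {
    echo "ipchains -F input"
    echo "ipchains -A input -i lo -j ACCEPT"
    # Inside: every service on the firewall box is reachable.
    echo "ipchains -A input -i $INT_IF -j ACCEPT"
    # Outside: only the published services.
    for port in $EXT_TCP_PORTS; do
        echo "ipchains -A input -i $EXT_IF -p tcp -d 0/0 $port -j ACCEPT"
    done
    # ipchains is stateless: replies to connections opened from this side
    # are let in as non-SYN TCP and DNS answers, to unprivileged ports only.
    echo "ipchains -A input -i $EXT_IF -p tcp ! -y -d 0/0 1024:65535 -j ACCEPT"
    echo "ipchains -A input -i $EXT_IF -p udp -s 0/0 53 -d 0/0 1024:65535 -j ACCEPT"
    # Everything else arriving from outside is logged and dropped.
    echo "ipchains -P input DENY"
    echo "ipchains -A input -i $EXT_IF -l -j DENY"
}

# Verdict for a NEW inbound TCP connection: verdict <interface> <dest-port>
verdict() {
    if [ "$1" = "$INT_IF" ]; then echo ACCEPT; return 0; fi
    for port in $EXT_TCP_PORTS; do
        if [ "$2" = "$port" ]; then echo ACCEPT; return 0; fi
    done
    echo DENY
}

# Dry run by default; APPLY=1 (as root, on a 2.2 kernel) loads the rules.
if [ "${APPLY:-0}" = 1 ]; then emit_rules | sh; else emit_rules; fi
```

Here `verdict eth0 139` prints DENY and `verdict eth1 139` prints ACCEPT, which is the Samba case from the message.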

