shorewall with 2 external static ips and DMZ

		LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
shorewall with 2 external static ips and DMZ

Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

LinkBack

Search this Thread

05-10-2004, 09:31 PM	#1
gjmwalsh Member Registered: Jul 2003 Location: Victoria, British Columbia Distribution: Mandriva 2010 (cooker) with Bind9, Sendmail, Postgresql and Apache2 servers Posts: 62 Rep:	shorewall with 2 external static ips and DMZ At present, I have 2 external static IPs, one of which, eth0, is the usual gateway for the internet and the second is another site which will be an IP based virtual host to provide SSL security later. These 2 IPs run from ADSL through a hib to their respective ethernet cards. The server has 3 additional ethernet cards: eth2 handles traffic for 2 name-based virtual hosts, eth3 handles mail services for all users, and eth4 is totally off limits to internet users. Connectivity has not been a problem, nor has local DNS. Now its about the firewall ...... What I have tried to do first was divide traffic by type, which creates 2 dmz areas (eth2 and eth3) as well as internal lan networks (192.168.0.0, 192.168.1.0, 192.168.2.0 and 192.168.3.0) This permits an easier migration of developing sites to dedicated colo servers later on. It seems I should be able to adapt the 'three-interface firewall' in shorewall's documentation. The only potentially 'messy' area is in the Proxy ARP (or DNAT) setup, as I see it. Am I heading for an unseen cliff???? Any thoughts or suggestions would be most welcome.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Trackbacks are Off Pingbacks are On Refbacks are Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
snort 2.4.1 (inline IPS) +shorewall 2.4.x where best to insert the QUEUE in iptables	Emmanuel_uk	Linux - Security	5	10-18-2005 06:48 AM
ADSL and multiple external static IPs	adasko	Linux - Networking	3	09-15-2005 07:01 PM
MNF - Trouble Moving IPs behind the DMZ	comkid	Linux - Networking	1	11-15-2004 10:55 AM
Static NAT / DMZ / VPN question	Funky D	Linux - Networking	1	10-22-2004 07:17 AM
routing problem with 2 static (external) IPs	gjmwalsh	Linux - Networking	3	05-23-2004 09:17 PM

All times are GMT -5. The time now is 09:10 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions