Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a LAN which I am very happy with at the moment. I am using a Linksys WAG5GX2 ADSL modem/wi-fi router with 3 wired and 2 wireless computers behind it.
1 of the wired machines is my Debian box (with 1 NIC) which acts as a web server, mail server, DNS server and file server (and probably a few more servers which I've forgotten!)
But, I am told it would be better if I had another machine, running Shorewall or similar on it, as a gateway between the internet and my LAN - but I am unsure how to do this.
I have a seperate USB ADSL modem (a BT Voyager 150) which I used when I only had one PC. I want this to connect to the gateway, and then the gateway connects to my Linksys router which (I think) would share the Internet connection.
Actually if I had a machine providing Internet accessible services I would want to put it in a DMZ interface separate from the rest of my internal network.
Code:
Internet
|
|
(public / Internet)
|
|
<eth0>
Shorewall firewall<eth1>-------(DMZ)-------Web Server
<eth2>
|
|
(private / Internal LAN)
|
|
Rest of the PC's on your LAN
the DMZ feature on your broadband router is a misnomer. if the DMZ area is the same area as the internal LAN there is no separation, so therefore no true DMZ..
A firewall with 3 Interfaces (public / DMZ / Private ) can provide that true separation, to achieve the security level you should have.
thanks farslayer, that is now going to be my weekend project!
However, I am unsure which router to buy. It needs to be wireless, but also needs to have about 6 ethernet connections availible as well. I've been looking on ebuyer.co.uk, but I cannot find one. What should I get?
The ZyWALL 2WG offers the Secure Zone technology that SOHO users can simply deploy access servers in a DMZ zone separated from the trusted local network (LAN). The DMZ zone and WLAN zone have their own DHCP service, and all zones are securely segregated by firewall rules.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.