Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 11-04-2003, 01:32 PM   #1
LQ Newbie
Registered: Oct 2003
Location: Erda, Utah
Distribution: linux 9
Posts: 26

Rep: Reputation: 15
Exclamation smoothwall dmz

I'm new to web and mail hosting and now that I think I have my servers and network set up I'm worried about a good firewall. I have ten machines on the network behind a nat firewall and am very happy with that setup. The thing I'm most worried about is the servers, I would like them to have some kind of firewall as well... I have just down loaded smoothwall express 2.0 beta 7... and I have been playing with it for the past couple of days. Here is where my question comes in...

Right now my network looks like this

|---Linux 9 dns & smtp
|---Win server 2000 Http
| |---Red--(63.X.X.X)
| |
| |---Orange--
| |
| |---Green --
| | |
| | |--- Private network

is this the best layout for my network or should the servers be behind the smoothwall orange somehow and if so how...

thanks to all that have helped me this far the people on this forum have been great...
Old 11-04-2003, 03:53 PM   #2
Registered: Jun 2002
Posts: 411

Rep: Reputation: 30
I'm no linux guru but i have used smoothwall quite a bit. its a good product. the set up is very simple and smoothwall will take care of most of your problems. any adjustments can be made through its gui web interface (suggested below). you just have to know your the address assigned by your ISP (assuming static), your 2 DNS servers, and assign two lan address subnets (here and

the red interface is for your router's connection to the internet and sensibly enough it has your routable IP address assigned by your ISP. all your outgoing and incoming traffic comes through here, eg routable

the green interface is for your trusted boxes acting as workstations or local intranet servers only. It will have its own IP address, eg All the clients on the green interface will use as their gateway, eg.,,, etc.

the orange zone is for your boxes providing services to external users for example,,,, etc. if you want your green interface boxes to get services from your orange boxes you will have to open pinholes as defined in the gui interface. after the install, you will need to assess any port forwarding issues (, eg forward port 80 to your webserver, port 25 to your mail server, port 53 to any dns server port, etc). there are other issues to consider, eg. you may have to modify your named.conf file on your dns server to use port 53 by uncommenting the port 53 setting that is typically provided.
Old 11-04-2003, 04:00 PM   #3
LQ Newbie
Registered: Oct 2003
Location: Erda, Utah
Distribution: linux 9
Posts: 26

Original Poster
Rep: Reputation: 15

thank you for your help this is finaly coming together in my head thanks...


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
DMZ-fli4l-smoothwall-nomachine saavik Linux - Networking 4 09-09-2005 02:01 AM
SmoothWall DMZ: problems with DHCP (i think!!??) jme Linux - Networking 8 03-12-2004 06:53 AM
Smoothwall, DMZ, Webserver, almost there. Grafbak Linux - Networking 3 07-01-2003 01:05 PM
DMZ on Smoothwall sheryco Linux - Networking 8 03-03-2003 11:34 AM
Smoothwall DMZ config AnotherNewbie Linux - Networking 2 06-09-2002 03:29 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:25 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration