Well,
Try the firewall floppy
It is very versatile and only requires a 386 along with 8megs RAM and a
couple NICS. I suppose you could alias all those IP's to the gateway,
and then redirect only certain traffic to your prototype boxes. Isn't
this where we originally started on this thread?
brian
On Tue, Feb 22, 2000 at 11:01:19PM +0000, Daniel de Young wrote:
> OK...
>
> Now I'm really aching to get off work and go try this out!!! Argghhh! Thanks
> guys. I will be tinkering until the wee hours I'm sure :-) I have an extra
> box I can use to route, but I was hoping to be able to secure one box really
> tight to protect the network and seperate my lab boxes so I dont have to mess
> with the network firewall much.
>
> I was thinking of setting up the firewall with no services running (nothing
> not needed) using Bastille on a minimum install. Then installing shh and setting
> the firewall to only allow from the local net. Then setting up a second hardened
> box with just shh running. The idea being that the firewall could only be reached
> indirectly and to add another layer to the security. I've got the IPs and the
> hardware. Anybody see a problem or consider it useless? why?
>
> Daniel
>
> >
> >Yes. Its the same as using a crossover cable between the modem and the
> >computer. It just lets you plug multiples in.
> >
> >Brian Lavender wrote:
> >>
> >> So, what you are saying is that you _can_ plug a switch into the Alcatel
>
> >> (or whatever bridge) and plug all your machines into that switch?
> >>
> >> On Tue, Feb 22, 2000 at 01:44:29PM -0800, Mike Machado wrote:
> >> > We use the exact same equipment that Pacbell uses for DSL (redback
> >> > SMS's) and we BRIDGE to the 5 IP customers, since its such a small space
>
> >> > we do not deal with routing. I am pretty sure you just plug your acetel
>
> >> > into the switch and assign IP's to the gateway Pacbell gave you. Every
>
> >> > machine on your network will all have the same gateway and netmask. If
>
> >> > unsure, call pacbell :).
> >> >
> >> >
> >> > Brian Lavender wrote:
> >> > >
> >> > > I believe you have to route those IP addresses. Since you got the
> >> > > enhanced, you probably got the external Alcatel. That device is a
> >> > > bridge. It has no address, but will "bridge" the data to your ethernet
>
> >> > > card which does have an address. I don't think you can plug the wire
>
> >> > > into a switch, because the packets won't know where to go. The router
> on
> >> > > Pacbell's side has no knowledge of you NIC cards MAC addresses that are
>
> >> > > also plugged into the switch. So, you will have to plug the wire into
>
> >> > > your Linux box into a NIC directly from the Alcatel. From there you have
>
> >> > > several options. You can put multiple NICs in the machine. That machine
>
> >> > > will be your gateway. You then can assign another NIC in that gateway
>
> >> > > an IP address. That takes two of your IP's. Then you can run that wire
>
> >> > > to your switch and you can have three other machines on that subnet
> >> > > with the routable IPs. That's just one of your options. Other options
>
> >> > > would be to Masquerade, or to alias all those IP's to the NIC that runs
>
> >> > > between your box and the alcatel. Then you could forward traffic that
>
> >> > > hits the routable NIC back into one of your boxes with a private IP.
>
> >> > >
> >> > > brian
> >> > >
> >> > > On Tue, Feb 22, 2000 at 08:15:51PM +0000, Daniel de Young wrote:
> >> > > > Well I just had DSL installed.
> >> > > >
> >> > > > I haven't been back yet to check it out, but I had a question.
> >> > > >
> >> > > > I had the guy leave an external 'modem' (so I can use Linux). What
> does this
> >> > > > modem do? does it condition the signal to be split over the ADSL line?
> Do
> >> > > > I plug the NIC into the modem?
> >> > > >
> >> > > > Also, I have 5 ip addresses... do I have to push 'all' traffic through
> the machine
> >> > > > with the modem installed? I wanted to run the DSL port into a switch
> and then
> >> > > > have each of the IPs on different machines without using any of them
> as a network
> >> > > > gateway. Is that out? :-)
> >> > >
> >> > > yes
> >> > >
> >> > > >
> >> > > > Any suggestions from people that have been using DSL for awhile?
> >> > > >
> >> > > > Thanks,
> >> > > >
> >> > > > Daniel
-- Brian Lavender http://www.brie.com/brian/ ********************************************************** * Sacramento Linux Users Group Mailing List * * Unsubscribe: Send a message to majordomo@saclug.org * With 'unsubscribe lug-nuts' in the body * * http://www.saclug.org
This archive was generated by hypermail 2b29 : Fri Feb 25 2000 - 14:29:13 PST