Re: firewall setup xdsl: eth0/eth1/ppp0?
From: Ken Irving (fnkci_at_uaf.edu)
Date: 11/05/03
- Previous message: Hendrik Sirges: "WindowMaker Attributes"
- In reply to: Andreas Bohnert: "firewall setup xdsl: eth0/eth1/ppp0?"
- Next in thread: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Reply: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Reply: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 5 Nov 2003 01:15:18 -0900 To: debian-user@lists.debian.org
On Wed, Nov 05, 2003 at 09:52:42AM +0100, Andreas Bohnert wrote:
> Hi,
> I don't know how to setup my firewall for my new xdsl connection. I
> saw some posting concerning adsl, so maybe there are some
> people, who know how to handle this.
I'm not sure what you're talking about, with xdsl and lokal, but I'd
recommend the shorewall firewall. It takes a bit of configuration, but
pretty minimal, and straightforward if you follow the docs and examples.
I've used it for a dsl connection with pppoe on interface eth0, internal
network on eth1. The woody/stable package is not exactly current, but
very workable and the docs and examples are available for it. I'm sure
unstable is at the latest version, so might be preferable especially
if you feel the need to request help (most questions on the shorewall
list are answered by the developer, often to implore folks to read
and follow the docs).
Maybe this is off the mark for your situation, I don't know. Good luck!
Ken
>
> here is my situation:
>
> eth0 is connect to my private network (192.168.0.1).
> my eth1 gets an lokal ip from my xdsl router (subnet 10.x.x.x).
> than I have to build up a tunnel connection with my router with pptp.
> now I have ppp0, which is my xdsl interface.
>
> this works fine, but now I have to setup my firewall!
>
> I know ppp0 is my external interface now, but what about eth1 (which
> is connect to my router)?
> I looked around and some people say, they setup the firewall like this:
> eth0 (private) = FW_DEV_INT
> eth1 (connect to router) = FW_DEV_INT !!
> ppp0 (xdsl) = FW_DEV_EXT
>
> but somehow I think, eth1 should be FW_DEV_EXT as well, because it's
> phyiscally connected to the internet.
> also, what about the firewall between ppp0 and eth1 - it shouldn't
> block communication.
>
> so, what do you think, if I configure eth1 as external?
>
> thanks for any advice!
>
> andreas
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
-- Ken Irving, Research Analyst, fnkci@uaf.edu, 907-474-6152 Water and Environmental Research Center Institute of Northern Engineering University of Alaska, Fairbanks -- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Hendrik Sirges: "WindowMaker Attributes"
- In reply to: Andreas Bohnert: "firewall setup xdsl: eth0/eth1/ppp0?"
- Next in thread: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Reply: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Reply: Doug MacFarlane: "Re: firewall setup xdsl: eth0/eth1/ppp0?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
