Simple proxy-arp setup needed
From: Jonas Simpson (jonassimpson_at_yahoo.com)
Date: 09/30/03
- Next message: Dave Carrigan: "Re: VPN setup"
- Previous message: Jason Lee: "Re: iptables port forwarding"
- Next in thread: David Efflandt: "Re: Simple proxy-arp setup needed"
- Reply: David Efflandt: "Re: Simple proxy-arp setup needed"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 30 Sep 2003 08:57:58 -0700
Hi folks,
I have an existing network with an entire /24 of public addresses.
There are several machines I want to move behind a firewall but I
can't subnet the /24 (address usage is spread out over its entirety)
and I can't change the IP addresses of the servers (addresses have
been hard-coded in several places - not by me, but...)
I've used Watchguard Firebox products before and they feature a
drop-in mode that lets them sit transparently between machines on any
two interfaces and still filter traffic. I'm pretty sure they use
proxy-arp to achieve this. We can't afford a Firebox to do this job,
but I need something similar.
What's the shortest path to a working firewall that will achieve this.
I am comfortable with command-line only but the longer term
maintenance of the firewall will require a web interface or gui of
some kind. I've seen some mention of this stuff with Shorewall,
Mandrake MNF, Astaro and other options but I'd love to have some
feedback from the group about what has worked easily for you.
Thanks,
JS
- Next message: Dave Carrigan: "Re: VPN setup"
- Previous message: Jason Lee: "Re: iptables port forwarding"
- Next in thread: David Efflandt: "Re: Simple proxy-arp setup needed"
- Reply: David Efflandt: "Re: Simple proxy-arp setup needed"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
