Firewall Help

der.hans plug-discuss@lists.plug.phoenix.az.us
Wed, 18 Sep 2002 23:05:27 -0700 (MST)


On 18 Sep 2002, Justin Wilson chattered thus:

> I am hoping that someone might be able to help me help someone else.
>
> I am trying to help a friend out who has a small network that he runs
> services off of, due to the way he needs his Webservers to access his
> Database, he needs a direct connection to the DB server, so he cannot
> put his webserver outside his main firewall. So I suggested that he
> place his Webserver inside his firewall and run port forwarding to the
> webserver, his DNS servers, mail server, and two windows boxes that he
> is running VNC on.
>
> Well the one problem he has is that he has multiple IPs that he is using
> for his various servers. All the sample firewall scripts and Howto's
> that I can find for implementing port forwarding are with a single
> IP on the firewall and forwarding the various ports on that IP to the
> other boxes. So therefore the problem that I have is with the DNS
> servers and the VNC systems, they require the same port, so I want to
> run multiple IPs on a single NIC on the firewall and forward the ports
> from specific IPs to the various boxes that are running the needed
> services.
>
> Is this the way to do this or is there a better way, and if it is the
> way to do it where can I get an example or a Howto?

Look at FireStarter. Set it up with one external IP port forwarding.

You can then add the extra port forwarding to /etc/firestarter/portfw fairly
easily.

Adjusting /etc/firestarter/firewall.sh to allow all 3 incoming IPs is a
little more difficult, but still pretty easy if you can write shell scripts.

ciao,

der.hans
-- 
#  https://www.LuftHans.com/    http://www.TOLISGroup.com/
#  You can't handle the source! - der.hans
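
The multi-IP forwarding asked about above, sketched as plain iptables rules keyed on the destination address. This is an added example, not part of the original thread and not FireStarter's own script or file format. The interface name, all addresses and the `gen_rules` helper are constructed assumptions, and the existing firewall is assumed to already accept ESTABLISHED,RELATED return traffic.

```shell
#!/bin/sh
# Dry-run generator: prints the commands for review instead of executing them.
# Two external IPs can forward the same port (DNS, VNC) because each DNAT rule
# matches on the destination address (-d) as well as the port.

EXT_IF="eth0"   # assumed external interface name

# Constructed mapping: external IP, protocol, port, internal host
FORWARDS='
203.0.113.10 tcp 80   192.168.1.10
203.0.113.11 udp 53   192.168.1.11
203.0.113.11 tcp 53   192.168.1.11
203.0.113.12 udp 53   192.168.1.12
203.0.113.12 tcp 53   192.168.1.12
203.0.113.13 tcp 5900 192.168.1.21
203.0.113.14 tcp 5900 192.168.1.22
'

gen_rules() {
    seen=""
    echo "$FORWARDS" | while read -r ext proto port int; do
        [ -z "$ext" ] && continue
        # Reject anything that is not a tcp/udp rule with a numeric port.
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol: $proto" >&2; exit 1 ;;
        esac
        case "$port" in
            ''|*[!0-9]*) echo "bad port: $port" >&2; exit 1 ;;
        esac
        # Add each external address to the NIC once, as a secondary IP.
        case " $seen " in
            *" $ext "*) ;;
            *) echo "ip addr add $ext/32 dev $EXT_IF"; seen="$seen $ext" ;;
        esac
        # Rewrite the destination only for this external IP and port.
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -d $ext -p $proto --dport $port -j DNAT --to-destination $int:$port"
        # FORWARD sees the packet after DNAT, so it matches the internal host;
        # only the listed host/port pairs are allowed through.
        echo "iptables -A FORWARD -i $EXT_IF -d $int -p $proto --dport $port -j ACCEPT"
    done
}

gen_rules
```

Review the printed commands before merging them into a firewall script; a default DROP policy on FORWARD keeps everything not listed in the table closed.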