Static routes are fine for that few machines. ObFlameWarBait: GATED is better than routed. Orig Msg> BTW, congrats on the new position. Thanks. JLF Sends... It seems like on Fri, Feb 25, 2000 at 05:07:50PM -0500, Furmanek, Greg scribbled: Orig Msg> yeah, yeah... Keep on bragging Mr. CTO.... ;-P Orig Msg> Orig Msg> BTW, congrats on the new position. Orig Msg> P.S.. The ASCII was not that bad and the idea is correct. Orig Msg> Just as I thought. Orig Msg> Orig Msg> He will probably have to run routed to be able to Orig Msg> use legal IP addresses but the firewall stuff is just fine. Orig Msg> Orig Msg> The Wolf Orig Msg> Orig Msg> -----Original Message----- Orig Msg> From: J. Francois [mailto:frenchie@magusnet.gilbert.az.us] Orig Msg> Sent: Friday, February 25, 2000 3:04 PM Orig Msg> To: plug-discuss@lists.PLUG.phoenix.az.us Orig Msg> Subject: Re: firewall in Linux help Orig Msg> Orig Msg> Orig Msg> It seems like on Fri, Feb 25, 2000 at 10:02:24AM -0700, Kelly A Kirby Orig Msg> scribbled: Orig Msg> Orig Msg> I have a dsl router connected to Orig Msg> Orig Msg> the network hub. To this is connected Orig Msg> Orig Msg> 3 computers with minimum dual boot. Orig Msg> Orig Msg> Orig Msg> Orig Msg> Each computer would have to have their Orig Msg> Orig Msg> own firewall initiated. Orig Msg> Orig Msg> Orig Msg> Orig Msg> Thank you Orig Msg> Orig Msg> Orig Msg> Orig Msg> Kelly Orig Msg> Orig Msg> --- Orig Msg> Orig Msg> http://www.kirbyswebdesigns.com Orig Msg> Orig Msg> designs@kirbyswebdesigns.com Orig Msg> Orig Msg> ICQ: 6576900 Orig Msg> Orig Msg> AIM: EvnRane Orig Msg> Orig Msg> Orig Msg> Orig Msg> On Fri, 25 Feb 2000 11:33:59 Furmanek, Greg wrote: Orig Msg> Orig Msg> >I thought everyone would have jumped on this one. Orig Msg> Orig Msg> >I know a lot of people have firewall knowledge here. Orig Msg> Orig Msg> > Orig Msg> Orig Msg> >To setup packet filtering firewall you should look Orig Msg> Orig Msg> >at ipchains. Orig Msg> Orig Msg> >There is a pretty decent script for enabling ipchains in: Orig Msg> Orig Msg> >http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS.wri Orig Msg> Orig Msg> > Orig Msg> Orig Msg> >Other material: Orig Msg> Orig Msg> > Orig Msg> Orig Msg> >IPCHAINS-HOWTO Orig Msg> Orig Msg> > Orig Msg> Orig Msg> >Of cause I am assuming you are using Linux as Orig Msg> Orig Msg> >your firewall. Orig Msg> Orig Msg> > Orig Msg> Orig Msg> >The Wolf Orig Msg> Orig Msg> > Orig Msg> Orig Msg> Sorry, I have companies to run so I am delayed Orig Msg> in answering my PLUG mail :) Orig Msg> Orig Msg> Only 1 firewall needed. Orig Msg> Orig Msg> UGLY ASCII ART FOLLOWS: | |--> Host1 Orig Msg> |H|--> Host2 Orig Msg> DSL router <--> Linux Firewall <-|U|--> Host3 Orig Msg> |B|--> Host4 Orig Msg> Orig Msg> Configure the DSL router to only accept connections from Orig Msg> the Linux Firewall. Orig Msg> Configure the Hosts to only talk to the firewall. Orig Msg> The firewall will have 2 Ethernet cards, one for each network segment. Orig Msg> Sleep better at night. Orig Msg> Orig Msg> I have a 4 port DSL modem and only use 1 port in a configuration Orig Msg> similar to the one above. Orig Msg> Orig Msg> See: http://www.magusnet.com/magusnet1.html for an example. Orig Msg> Orig Msg> Jean Francois Sends... Orig Msg> President & CEO MagusNet, Inc. Orig Msg> MagusNet.com Orig Msg> CTO EBIZ Enterprises, Inc. Orig Msg> TheLinuxStore.com,TheLinuxLab.com,LinuxWired.net Orig Msg>