|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
>> I believe that what LeRoy is doing is performing masquerading, where all
the
>> IP's behind the Linux box (including the DMZ) all have private IPs i.e.
>> 192.168.1.0.
>
> I think its more of bridging --- the input stream from one
> NIC is mirrored on the other NIC so the hosts there could
> get their own public ip's. Ive google'd this up before
> though i'm not sure how it exactly work (yet). Some tricks
> with arp.
Well, I'll leave this part to others, as I'm using a Linksys BEFSR41 and
haven't been successful setting up a linux router.
> really tempted to put a linux in front of that linksys,
> for one thing I've always wanted to let squid cache
> all web surfing...
You can set up squid inside your firewall. It doesn't have to run on the
firewall box. You just set up your browser settings to point to the box
running squid. Granted, it takes a little bit more setup work.
>> Most FAQs/HOWTOs you read will warn against running any services on a
>> firewall box if you end up using a linux box as a masquerading or NAT
>> firewall.
>
> ok then..looks like another one of my bad ideas ...
It's okay. Better to learn by asking than to learn by experiencing an
intrusion first hand, eh?
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|