From: Bryan Cassidy
To: freebsd-questions@freebsd.org
Date: Tue, 11 May 2004 12:31:57 -0500
Subject: Re: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS

Sounds good to me but I'm still confused about how I need to set this up
hardware wise. The link at freebsddiary sounds good to start with I guess.
I don't know if I need any extra hardware either. I have at the moment
2 NICs and 2 crossover cables. Do I need more? Do I keep the NIC in this
machine or do I move it to the machine that will be acting as a
firewall/router/gateway? How do I set this up? Still confused on this part.

On Tue, May 11, 2004 at 12:26:59AM -0500, Micheal Patterson wrote:
> ----- Original Message -----
> From: "Bryan Cassidy"
> Sent: Tuesday, May 11, 2004 12:20 AM
> Subject: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS
>
> > Hello. I am currently running FreeBSD 4.9-RELEASE p-7. I am pretty
> > comfortable with FreeBSD for the most part and really enjoy using it
> > on a day to day basis. These are my thoughts. I have an older NEC PC
> > that I would like to put to some use. First off I don't know if I need
> > any 'extra' hardware. I have now 1 DSL modem (dhcp - could get static,
> > is it worth getting?), 3 NICs, and 2 cables to connect the ethernet
> > cards. I have just been reading up on Firewalls on FreeBSD using ipfw.
> > I would basically like to do the following. I want to install OpenBSD
> > 3.5 or possibly one of the FreeBSD 4.x, 5.x, 4-stable, current or
> > whatever. Which would you all recommend using in this situation? I
> > want to continue to use my nice newer, much faster computer to do all
> > configurations to the system, updates, installing software, running
> > apache, configuring firewall, etc. etc. etc. via ssh (good choice?) to
> > the other/older box. Would really appreciate some insight on this
> > topic. Networking/Security is becoming very interesting to me. Thanks.
> > Don't forget, do I need any 'extra' hardware?
>
> I can't speak for anyone else but myself, but here's my opinion on this.
>
> If you have an older box, you'll need 2 nics. One (external / serial
> interface) to the dsl modem (crossover cable), one to the lan side. If
> this is also to a PC, you'll need another crossover cable. If the old NEC
> is a 486 with at least 32 mb ram, that should be all you'll need hardware
> wise as long as it's got a couple of gig for drive space. If you want to
> enable full firewall logging, you'll need more disk space for that of
> course. What I'd recommend doing in your situation is the same as I have
> here at home. Have the bsd box (I prefer freebsd myself) connect to your
> provider and pull the ip on the serial interface, then assign a private
> ip to the internal nic and to the systems behind it on the lan. Then on
> the bsd box, enable nat and the first rule of your firewall will be a
> divert rule to pass everything to NAT.
>
> For more info on this and its configuration, check out
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html
>
> or
>
> http://www.freebsddiary.org/ipfw.php
>
> If you're still wanting more info, then I'd recommend a google search
> for freebsd natd and / or freebsd ipfw to get a lot of good and useful
> info.
>
> Hope it helps.
> --
> Micheal Patterson
> TSG Network Administration
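
The layout described in the quoted reply (external NIC on DHCP, private address on the internal NIC, natd enabled, divert rule first), written out as an added example that is not from either poster. The interface names fxp0/fxp1, the 192.168.1.1 LAN address, the rule numbers and the filtering after the divert rule are assumptions; by default the script only prints the ipfw commands, and fwcmd=/sbin/ipfw applies them on the gateway.

```shell
#!/bin/sh
# Added example: /etc/ipfw.rules for the gateway box (FreeBSD 4.x, ipfw + natd).
# Assumed names: fxp0 = NIC to the DSL modem, fxp1 = NIC to the LAN.
# Matching /etc/rc.conf entries (kernel built with IPFIREWALL,
# IPFIREWALL_VERBOSE and IPDIVERT):
#   gateway_enable="YES"
#   ifconfig_fxp0="DHCP"
#   ifconfig_fxp1="inet 192.168.1.1 netmask 255.255.255.0"
#   natd_enable="YES"
#   natd_interface="fxp0"
#   firewall_enable="YES"
#   firewall_script="/etc/ipfw.rules"
ext_if="${ext_if:-fxp0}"
int_if="${int_if:-fxp1}"
# Dry run by default (prints the commands); use fwcmd=/sbin/ipfw on the gateway.
fwcmd="${fwcmd:-echo ipfw}"

gateway_rules() {
    $fwcmd -q flush
    # First rule: hand everything crossing the external NIC to natd.
    $fwcmd add 50 divert natd all from any to any via "$ext_if"
    $fwcmd add 100 allow all from any to any via lo0
    # LAN side is trusted, including ssh from the workstation to this box.
    $fwcmd add 200 allow all from any to any via "$int_if"
    # TCP: replies to existing connections, and new connections outbound only.
    $fwcmd add 300 allow tcp from any to any established
    $fwcmd add 310 allow tcp from any to any out via "$ext_if" setup
    # UDP is filtered statelessly here: outbound, DNS replies, DHCP lease.
    $fwcmd add 320 allow udp from any to any out via "$ext_if"
    $fwcmd add 330 allow udp from any 53 to any in via "$ext_if"
    $fwcmd add 340 allow udp from any 67 to any 68 in via "$ext_if"
    # ICMP: anything out; only echo reply, unreachable, time exceeded in.
    $fwcmd add 350 allow icmp from any to any out via "$ext_if"
    $fwcmd add 360 allow icmp from any to any in via "$ext_if" icmptypes 0,3,11
    # Everything else, including unsolicited inbound TCP, is dropped and logged.
    $fwcmd add 65000 deny log all from any to any
}

gateway_rules
```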