From owner-freebsd-questions@FreeBSD.ORG Wed Sep 1 17:56:08 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 778F816A4CE for ; Wed, 1 Sep 2004 17:56:08 +0000 (GMT) Received: from pearl.ibctech.ca (dev.eagle.ca [209.167.58.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6543B43D31 for ; Wed, 1 Sep 2004 17:56:07 +0000 (GMT) (envelope-from iaccounts@ibctech.ca) Received: (qmail 1381 invoked by uid 1002); 1 Sep 2004 17:57:20 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (clamscan: 0.73. spamassassin: 2.64. Clear:RC:1(127.0.0.1):. Processed in 1.435407 secs); 01 Sep 2004 17:57:20 -0000 Received: from unknown (HELO webmail.ibctech.ca) (127.0.0.1) by localhost.ibctech.ca with SMTP; 1 Sep 2004 17:57:18 -0000 Received: from 209.167.16.15 (SquirrelMail authenticated user steve@ibctech.ca); by webmail.ibctech.ca with HTTP; Wed, 1 Sep 2004 13:57:18 -0400 (EDT) Message-ID: <3772.209.167.16.15.1094061438.squirrel@209.167.16.15> In-Reply-To: <01b601c49047$1a440680$4df24243@tsgincorporated.com> References: <200409011227.i81CRIKf015186@nic-naa.net> <01b601c49047$1a440680$4df24243@tsgincorporated.com> Date: Wed, 1 Sep 2004 13:57:18 -0400 (EDT) From: "Steve Bertrand" To: "Micheal Patterson" User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal cc: Eric Brunner-Williams in Portland Maine cc: freebsd-questions-en Subject: Re: setup firewall/router/proxy X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Sep 2004 17:56:08 -0000 > It's been a long time since I've played with Linux in general, last > one was > RH. If Mandrake has ipchains or ipfw, I'd say go with either and still > use > squid. It's popular, easy to configure, works well and has support. It > shouldn't need any routing daemon as long as none of the advanced > routing > protocols are needed. > I assumed by ``routing'', you meant Network Address Translation (NAT), which is called natd and is included as part of the base system. `routed', is a router _discovery_ protocol, and used if your router has multiple routes and the network is configured to share this information. If you simply want an internal network translated to a public IP, use natd+IPFW (my choice), and if you have more than the default route for the internal network, for simplicity sake you can manipulate your routing table and specify static routes using the route(8) command. ...and as I and others have said, squid is probably the best choice for proxy. Using IPFW with a squid proxy, you can even configure it for transparent mode, so you don't have to modify the browsers at all. There are a few docs out there for this... Steve > -- > > Micheal Patterson > TSG Network Administration > 405-917-0600 > > Confidentiality Notice: This e-mail message, including any > attachments, > is for the sole use of the intended recipient(s) and may contain > confidential and privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply e-mail and destroy all > copies of the original message. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >