From owner-freebsd-security Tue Mar 13 9:33:40 2001 Delivered-To: freebsd-security@freebsd.org Received: from mailgate.kechara.net (mailgate.kechara.net [62.49.139.2]) by hub.freebsd.org (Postfix) with ESMTP id C795237B718 for ; Tue, 13 Mar 2001 09:33:32 -0800 (PST) (envelope-from lee@kechara.net) Received: from area57 (lan-fw.kechara.net [62.49.139.3]) by mailgate.kechara.net (8.9.3/8.9.3) with SMTP id SAA10102 for ; Tue, 13 Mar 2001 18:43:33 GMT Message-Id: <200103131843.SAA10102@mailgate.kechara.net> Date: Tue, 13 Mar 2001 17:37:22 -0000 To: security@freebsd.org From: Lee Smallbone Subject: Re: [OT?] - Central point router Reply-To: lee@kechara.net Organization: Kechara Internet X-Mailer: Opera 5.02 build 856a X-Priority: 3 (Normal) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org That didn't come out too well... If anyone can help, please let me know (from the text description) and I'll mail you a txt attachment with a proper 'map'. Thanks. 13/03/2001 17:35:00, Lee Smallbone wrote: >Hi, > > I'm trying to set up a router (running freebsd) that will allow me to have > all network traffic on one network segment run through this router. This > is for purposes of applying global firewall rules, and also for traffic monitoring. > My setup looks a little something like this: > > 62.xx.139.1 >(internet) --- [telco supplied router] > | > | > | > [10/100 Switch] ----------- [firewall]-------(privately addressed LAN) > / | \ > [server 3] | \ > 62.xx.139.6 | \ > | \ > | [server 1] > [server 2] 62.xx.139.4 > 62.xx.139.5 > > >What I'd like to be able to do is have a similar setup, but for it to look like this: > > 62.xx.139.1 >(internet) --- [telco supplied router] > | > | > | 62.xx.139.3 > [10/100 Switch] ----------- [firewall]-------(privately addressed LAN) > | > | > 62.xx.139.7 > ========[router/firewall]========== > / | \ > [server 3] | \ > 62.xx.139.6 | \ > | \ > | [server 1] > [server 2] 62.xx.139.4 > 62.xx.139.5 > > How can I achieve this? Any traffic destined for say, 62.xx.139.5 would have to > pass via 62.xx.139.7 first. > > Any help appreciated. > >-- > >Lee Smallbone >Kechara Internet > >lee@kechara.net >www.kechara.net > >Tel: (01243) 869 969 >Fax: (01243) 866 685 > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > -- Lee Smallbone Kechara Internet lee@kechara.net www.kechara.net Tel: (01243) 869 969 Fax: (01243) 866 685 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message