From owner-freebsd-ipfw Fri Jan 14 8:29:56 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.rz.fh-wilhelmshaven.de (mail.rz.fh-wilhelmshaven.de [139.13.25.134]) by hub.freebsd.org (Postfix) with ESMTP id 4E30515682 for ; Fri, 14 Jan 2000 08:29:08 -0800 (PST) (envelope-from ohoyer@fbwi.fh-wilhelmshaven.de) Received: from fettesau.stuwo.fh-wilhelmshaven.de (stuwopc5.stuwo.fh-wilhelmshaven.de [139.13.209.5]) by mail.rz.fh-wilhelmshaven.de (8.9.3/8.9.3) with SMTP id RAA08368 for ; Fri, 14 Jan 2000 17:28:37 +0100 (MET) Message-Id: <4.1.20000114165656.00c8d940@mail.rz.fh-wilhelmshaven.de> X-Sender: ohoyer@mail.rz.fh-wilhelmshaven.de X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Fri, 14 Jan 2000 17:26:31 +0100 To: freebsd-ipfw@FreeBSD.ORG From: Olaf Hoyer Subject: Simple router with basic firewall functionalioties Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi! Well, I want to recycle my old 486 for a security project... Basic idea is, since i'm sitting on a LAN with my machine here in our students home, I want to have a second machine as a router/gateway/firewall betwenn my vaued box an the rest of my fellow bas-ass students... Are there any links to good documentation regarding this? Or could someone tell some issues with the following config: 486/66 or 100 or: 486/sx 25 16/32 MB RAM 8/16 MB RAM 1 GB HDD 300 MB HDD 2 NIC (whether cheap Realtek ISA or AMD PCnet ISA from Allied telesyn) I have a FBSD 3.2 R here, or should I have a look at a different distro? Basic issues I thought of: our university has a class-B network, where we have gotten a Class C-subset for our home. DHCP is running, central administered by the university.there are also some IPs free by now..., so no problem if I use more than one. So I want to connect the 486 to the TP network jack, then connect the big machine with coax or TP to the second NIC. I understand that I must have packet forwarding activated/compiled. I also heard a lot about IP masquerading/NAT. CAn anyone explain the difference between them, and give me some opinion if thats preferrable or not? Some braindead jerks are also trying to make funny games, like nuking computers and that stuff of network games, mainly targeted on the M$ machines running here. Any opinions about that, except that a UN*X runs better here? Detection/Trace/Retaliation-wise? I also thought about a SAMBA server, to ensure compatibility to exchanga data with the M$ machines running here. Any security issues? Yes, I know that running a server app on a router/firewall imposes a severe threat, but ir would be a thought, since I need some basic compatibility with the rest of the environment. Is it also possible to Send/receive the "messenging service" of NT, respective the "Popups"? Any input greatly appreciated. Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- The power to serve ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message