Date: Sun, 5 May 1996 13:29:47 -0400 (EDT) From: Branson Matheson <branson@longstreet.larc.nasa.gov> To: abseil@thehub.com.au (Greg Laslett) Cc: questions@freebsd.org Subject: Re: Using Free BSD to do proxy routing Message-ID: <199605051729.NAA13637@longstreet.larc.nasa.gov> In-Reply-To: <01BB3A5E.35532980@dd04.thehub.com.au> from "Greg Laslett" at May 5, 96 08:38:07 am
next in thread | previous in thread | raw e-mail | index | archive | help
> > I would like the other hosts to be able to web browse, telnet, ftp etc = > without spilling 192.168 packets into the outside world. Can things be = > set up so that the BSD PC does proxy requests on behalf of the other = > nodes ? Ok.. for proxy gatewaying things like httpd, ftp, and gopher, I would look at the Harvest Cache. It is in the ports section but it compiles cleanly out of the box. We use it here for just that purpouse. For telnet you might consider looking at two options. - One give the people access on the BSD machine to telnet into it, and form there to telnet out. This is a good solution and allows you to more activly monitor who is using this type of access... - Two, you can look into using the BSD machine as a gateway. Make sure you read the manpages on ipfw and check in the handbook before you turn gateway on. Unless you filter things correctly you will be allowing the internet access to your internal network. Also consider that by putting that machine on PPP any one that has access to your machine can come in from either direction. You may wanna look at tcp-wrappers to control this. -branson -- ======================================================================== branson matheson | branson@widomaker.com Ferguson SysAdmin | http://widomaker.com/~branson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605051729.NAA13637>