Date: Wed, 11 Feb 1998 08:48:40 -0500 (EST) From: Cliff Addy <fbsdlist@federation.addy.com> To: questions@FreeBSD.ORG, isp@FreeBSD.ORG Subject: FreeBSD firewall questions Message-ID: <Pine.BSF.3.95q.980211082836.5078A-100000@federation.addy.com>
next in thread | raw e-mail | index | archive | help
We're looking to use FreeBSD to build a firewall and bandwidth monitor for
our network, the new box will sit between our ethernet hub and the router
leading to the internet. We need it to go as smoothly as possible, so I'd
like to tap the wisdom of those who may have done this before.
- I think we have to change the default gateway of all our systems to the
firewall box, is that correct? Currently, they use the router.
- We have 4 class C networks in our internal systems. Let's assume we
assign 100.100.100.100 to the "inside" nic on the firewall box and
100.100.100.101 to the "outside" nic, while the router's ip is
100.100.100.1. Does this routing on the firewall box look right?
- set static network routes to the internal class C networks
route add -net 100.100.100.0 -interface 100.100.100.100
route add -net 100.100.101.0 -interface 100.100.100.100
route add -net 100.100.102.0 -interface 100.100.100.100
route add -net 100.100.103.0 -interface 100.100.100.100
- set a static route to the router's ip address
route add 100.100.100.1 100.100.100.101
or does this need to be
route add 100.100.100.1 -interface 100.100.100.101
- set the default gateway to the router's ip in rc.conf
defaultrouter="100.100.100.1"
- In order to connect the outside nic of the firewall directly to the
router, don't we need a "special" cable, the cat-5 equivalent of a
null-modem cable?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.980211082836.5078A-100000>