Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 2 May 2001 00:01:31 +0100
From:      Ian Chilton <ian@ichilton.co.uk>
To:        freebsd-stable@freebsd.org
Subject:   Firewall, NAT etc
Message-ID:  <20010502000131.A14756@woody.ichilton.co.uk>
next in thread | raw e-mail | index | archive | help 

Hello,

I have been using Linux for years, and have quite a few Linux servers,
but am quite new to FreeBSD. I think I have mastered the basics now and
have a few basic servers running FreeBSD.

But, my next task is more complicated, and I was wondering if anyone
could point me towards some good info on this sort of thing, or anyone
that has done similar before.


I have a machine, which has:

vr0 - 123.123.123.123 - static ip, on internet through
defaultrouter="123.123.123.1" in rc.conf

ed0 = 192.168.0.1
ed1 - 192.168.1.1
ed2 = 192.168.2.1


Right, what I need to do is this:

1) Let the 3 networks, 192.168.0.*,  192.168.1.* and 192.168.2.*
have full access to the internet using NAT, through ed0, ed1 and ed2 respectivly.

2) Have a firewall, so only the necessary ports like 22 for ssh server
need to be open. Everything else is deny'd, but the 3 internal networks
have full internet access.

3) Have firewalls, so the 3 internal networks  on ed0, ed1 and ed2 can't see each
other.

4) Have a bandwidth "cap" on each of the 3 internal networks, so they
can't saturate the connection

5) Use port forwarding, so ports on 123.123.123.123 can be sent to
machines on one of the internal networks.


I would really appreciate it if someone could point me in the right
direction for good docs on this stuff, and provide me with any scripts
/ commands you have that do this stuff.


Thanks in Advance!!


Bye for Now,

Ian


                                  \|||/ 
                                  (o o)
 /-----------------------------ooO-(_)-Ooo----------------------------\
 |  Ian Chilton                    E-Mail: ian@ichilton.co.uk         |
 |  IRC Nick: GadgetMan            Backup: ichilton@www.linux.org.uk  |
 |  ICQ: 16007717 / 104665842      Web   : http://www.ichilton.co.uk  |
 |--------------------------------------------------------------------|
 |       For people who like peace and quiet: a phoneless cord        |
 \--------------------------------------------------------------------/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010502000131.A14756>