From owner-freebsd-questions Fri Feb 9 18:20:29 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id SAA05772 for questions-outgoing; Fri, 9 Feb 1996 18:20:29 -0800 (PST)
Received: from zappa.cs.uncc.edu (zappa.cs.uncc.edu [152.15.35.2]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id SAA05766 for ; Fri, 9 Feb 1996 18:20:26 -0800 (PST)
Received: by zappa.cs.uncc.edu (5.x/SMI-SVR4) id AA06085; Fri, 9 Feb 1996 21:10:38 -0500
From: jlrobins@zappa.cs.uncc.edu (James Robinson)
Message-Id: <9602100210.AA06085@zappa.cs.uncc.edu>
Subject: Re: Is This Possible with FreeBSD ?
To: shishpop@ftp.com (Shishir Belbase)
Date: Fri, 9 Feb 1996 21:10:37 -0500 (EST)
Cc: questions@FreeBSD.org
In-Reply-To: <9602092315.AA06486@MAILSERV-H.FTP.COM> from "Shishir Belbase" at Feb 9, 96 05:51:30 pm
X-Mailer: ELM [version 2.4 PL24]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-questions@FreeBSD.org
Precedence: bulk

> I would appreciate experts' answer on this. I am not sure if
> the following is possible with FreeBSD:
>
> Internet---------     ----------private LAN
>                 |     |
>              tun0     ep0
>                 -------
>                 |     |
>                 |     |
>                 -------   FreeBSD2.1 running DNS, SOCKS
>                           IPFW turned off, etc.
>
> The main purpose is to have a server that acts as a firewall
> allowing clients on the private LAN to access the internet.
>
> tun0 interface will have a valid ip ( ppp ) address and the ep0
> will be a made up address/LAN.

Yes -- I used to do something similar at my last place of business.
I ran a kernel ppp connection to the "real world", and ran the CERN
httpd in proxy server mode to forward ftp, http, gopher, etc. All the
private LAN boxes only wanted to run Netscape, so it did the trick.

Disable main servers on the FreeBSD box in /etc/inetd.conf to keep
folks from hacking into it (or at least cut down their possible
vectors :-)

James
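
The /etc/inetd.conf hardening step from the reply above, as an added example that is not part of the original message: it lists the services inetd would still start and writes a copy of the file with everything outside an allowlist commented out. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit and disable inetd services on the gateway host.
# The sample configuration below is constructed, not from a real system.

# Print "service/protocol" for every active (uncommented) inetd.conf entry.
# A valid entry has at least six fields; comments and blanks are skipped.
inetd_enabled() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 "/" $3 }' "$1"
}

# Write a copy of the file ($1) to stdout with every active entry commented
# out, except services named in the space-separated allowlist ($2).
inetd_disable_except() {
    awk -v keep=" $2 " '
        /^[ \t]*#/ || NF < 6    { print; next }   # already off, or not an entry
        index(keep, " " $1 " ") { print; next }   # explicitly allowed
        { print "#" $0 }                          # disable everything else
    ' "$1"
}

# Constructed sample in inetd.conf layout.
make_sample() {
    cat <<'EOF'
# service socket proto wait user server args
ftp     stream  tcp  nowait  root   /usr/libexec/ftpd     ftpd -l
telnet  stream  tcp  nowait  root   /usr/libexec/telnetd  telnetd
shell   stream  tcp  nowait  root   /usr/libexec/rshd     rshd
#finger stream  tcp  nowait  nobody /usr/libexec/fingerd  fingerd -s
ntalk   dgram   udp  wait    root   /usr/libexec/ntalkd   ntalkd
EOF
}

demo() {
    tmp=$(mktemp) || return 1
    make_sample > "$tmp"
    echo "Enabled before:"; inetd_enabled "$tmp"
    inetd_disable_except "$tmp" "" > "$tmp.new"
    echo "Enabled after: $(inetd_enabled "$tmp.new" | wc -l) service(s)"
    rm -f "$tmp" "$tmp.new"
}

demo
```

On a live system, review the generated copy before replacing /etc/inetd.conf with it; inetd rereads its configuration when sent SIGHUP.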