Date: Mon, 12 Feb 1996 09:46:28 -0500 From: Jerry Kendall <jerry@border.com> To: FreeBSD Hackers <freebsd-hackers@FreeBSD.org> Subject: Re: Network Address Translation Message-ID: <96Feb12.094844est.20484-1@janus.border.com> In-Reply-To: <96Feb12.094533est.20482-1@janus.border.com>
next in thread | previous in thread | raw e-mail | index | archive | help
OK all you hackers, I read this in comp.security.firewalls What about FreeBSD as a firewall tool...? On Fri, 9 Feb 1996, Dave Mischler wrote: > > In article <4f786g$ec@Dortmund.Germany.EU.net>, sel05@sel05.bertelsmann.de (Olaf Selke) says: > > >If u look for an easy and low cost solution, use a PC and install Linux. > > This is a workable solution, but I don't think it is the easiest. > > >If u use internally the e.g. the class A net 10.0.0.0, all outgoing > >packets will get the source ip address (this one must be official) of > >your Linux box's public interface. The main drawback in this solution > >is that u can't establish a connection from outside your ip address > >translator to machines inside without logging into your translator. > > Check out http://www.mischler.com/iproute/ for another solution that > doesn't have this drawback. You can redirect incoming requests to > your public IP address to an internal machine on a port-by-port basis. > > IPRoute is a $50 shareware package that runs on a dedicated DOS PC (a > 286 will do in a pinch). It supports ethernet packet drivers, PPP, > SLIP, packet filtering, address translation, event and packet logging > to a syslog daemon, etc. > > - Dave > > Dave Mischler (Dave@Mischler.COM) wrote: > : Check out http://www.mischler.com/iproute/ for another solution that > : doesn't have this drawback. You can redirect incoming requests to > : your public IP address to an internal machine on a port-by-port basis. > > Use plug-gw from the TIS FWTK. Lets you do port "redirection" (I > think you mean tunnelling) on a source address-by-source address > basis, as well as port-by-port. (For TCP, anyway.) > > Also free. > > : IPRoute is a $50 shareware package that runs on a dedicated DOS PC (a > : 286 will do in a pinch). It supports ethernet packet drivers, PPP, > : SLIP, packet filtering, address translation, event and packet logging > : to a syslog daemon, etc. > > Sounds like Linux to me, although you'd need >= a 386, and it won't > cost you the $50. > > And with Linux, you get the source, and a large body of developers for > support. > > Mike > > -- > #> Mike Shaver (shaver@ingenia.com) Ingenia Communications Corporation <# > #> Technical Specialist -- will tame sendmail(8) for food <# > #> <# > #> "You are a very perverse individual, and I think I'd like to get to <# > #> know you better." --- eric@reference.com <# > > -------------------------------------------------------------------------------- Any comments or opinions in this message are my own and may or may not reflect the comments or opinions of my present or previous employers. Jerry Kendall Border Network Technologies Inc. System Software Engineer Tel +1-416-368-7157 ext 303 jerry@border.com Fax +1-416-368-7178
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?96Feb12.094844est.20484-1>