Date: Wed, 22 Apr 1998 09:11:46 +0400 From: nightmare@rd.seua.am (Gaspar Chilingarov) To: Mike Grommet <mgrommet@insolwwb.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: I need guidance with a installation... Message-ID: <353D7C11.71E6343B@rd.seua.am> References: <002501bd6d8e$03f651e0$02941fce@work1.insolwwb.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Grommet wrote: > Hi guys... I need some advice.... > I have been put in charge of an installation of a server running freebsd > that will act as a mail server > and an internet web server, plus dns for a large factory office. The actual > web server setup and mail setup is simple and I feel pretty confident there > but I need advice as to whether or not I have this thing figured right... > > Heres the plan... please point out any flaws... > I am planning on setting up the in-house network on a non-internet class C , > like 192.0.2.* > and will set up the unix box on an internet class ip number say, > 206.31.148.99 or somesuch... > > Now I want to have the 192.0.2.* machines to be able to surf the net and > receive email and perform other > net capacitities, I would assume through some sort of proxy service... this > is possible right? > Yes , u'll need some proxy , the finest proxy for http & ftp is a squid - u cag get it's port. For other protocols u can use natd & socks5 > How do I link the two networks together? I'm a little fuzzy how this > works... please point me to any documentation you can think of. > if rc.conf find linesinterfaces= "lp0 ed0" ifconfig_lp0 = "inet 127.0.0.1 netmask 255.255.255.0" add to ur network card (for example it's ed0) ifconfig_ed0="inet ur_real_IP netmask real_netmask" & add aliases - ifconfig_ed0_alias0="inet ur_first_virtual_IP netmask first_vritual_netmask" ifconfig_ed0_alias1="" & etc. so ur ed0 card'll have 2 IP - first - real & second - virtual IP > Now about firewalls... I've never set one up so I am a lot fuzzy here... > The first question is do I even need a firewall since the ip's on the > 192.0.2.* network are not > internet accessible... If I should go ahead and set up a firewall, do you > guys suggest one at the router level? > u have to recompile kernel if u want to setup firewall - read about IPFW in manpages newer do it , if u are not on console , u must setup firewall only from consol - because by default firewall denies all network requests > or is it possible to run one on the same machine that will be acting as a > dns server, mail server and web server? Yes , all is OK. > > > Heres a hypothetical question for you... > if I set up a firewall on a machine and the network behind it is on > internetable IP's, how do I govern all traffic coming into the network... > the configuration I have in mind is: > basically traffic comes from the router, into a hub and on the network from > there... how do I make it so that all traffic goes into the actual firewall > machine? > > Sorry for all the silly questions, I just don't know much about this and I > need answers to give to the powers that be... Thanks again for any help you > provide. I don't want to screw this up. > > Mike Grommet > System Admin, and all around nice guy > Internet Solutions, Inc. > mgrommet@insolwwb.net > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?353D7C11.71E6343B>