All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Mihai Vlad" <mihaivlad@web-profile.net>
To: lartc@vger.kernel.org
Subject: [LARTC] Firewal + Routing
Date: Thu, 18 Sep 2003 20:54:17 +0000	[thread overview]
Message-ID: <marc-lartc-106391855613098@msgid-missing> (raw)

Hello again.

Suppose I have the following setup:

	|-----------|					|-----------|
LAN<--|---eth0 ---| <------LINUX Router-------> |---eth1
---|------>INTERNET
	|-----------|					|-----------|

eth0 = 192.168.0.1  (LAN)
eth1 = 194.105.23.2 (INTERNET)	

As a basic configuration my Linux box is in fact a NAT box and an
"iptables-based" firewall.
The box works excellent for protecting my LAN.

Now, I have bought a class of 8 IP's (real ones). Those IP's were routed
by my ISP to my little Linux box.
I have assigned 5 of these 8 IP's to some computers in my LAN, as they
need real IP's on them.
One of them is placed on an alias to eth0. (eth0:0 = 213.154.255.209).

The new gateway for these 5 computers is in fact 213.154.255.209
(eth0:0), and as far as my judgment goes they 
are completely exposed to attacks. 

Is there any possibility to make my Linux box work as a firewall, not
only for the NAT-ed machines, but also for 
these 5 computers that have real IP's?

Thanks in advance.
 


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

             reply	other threads:[~2003-09-18 20:54 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-09-18 20:54 Mihai Vlad [this message]
2003-09-18 21:18 ` [LARTC] Firewal + Routing Daniel Chemko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-106391855613098@msgid-missing \
    --to=mihaivlad@web-profile.net \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.