* DNS - Firewall - Gateway - and services ...
@ 2003-01-11 8:10 lawrence Of Arabia
2003-01-11 8:53 ` Joel Newkirk
0 siblings, 1 reply; 2+ messages in thread
From: lawrence Of Arabia @ 2003-01-11 8:10 UTC (permalink / raw)
To: netfilter
Hey everyone,
i have a slight problem. there is none yet, i just dont have a solution.
i have a dsl connection with dynamic IP. i run an apache box 24/7 and mail.
i have a domain. up to here it has been easy, all from zoneedit. but this
does not offer me great security. so i look around and thought i would go
with the linux box as a gateway/firewall option. because it seems the most
secure, scalable solution. For someone not running services, this is rather
simple. but since i will be offering services, it gets a little more
complicated.
in a perfect world, i would have one public ip, and a NAT lan ...
all services would be run on nat and access the net from the linux gateway.
up to here, its simple, port forwarding.
BUT! i do not want to use port forwarding, one reason of many, i cannot add
to many services of the same kind, AND it forces me to deal extensively with
zoneedit. (i want total control, it would be PERFECT if zoneedit was out of
the story) ...
i also want hostname recognition, every box will have ftp and ssh anyway
(plus http or pop3/imap depending) ...
i want to be able to call john smith who works for bell south to talk to him
about my credit status or his kids! not just ask the accounting department.
well ...
i have been looking into this for a while, and feel closer to it. I KNOW
THERES A WAY! i just dont know it!
i would greatly appreciate comments, suggestions, if you have a solution, it
being with iptables only, an dns server, a proxy or all of those ... i dont
care, i wanna hear it!
thanks people ...
lawrence
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: DNS - Firewall - Gateway - and services ...
2003-01-11 8:10 DNS - Firewall - Gateway - and services lawrence Of Arabia
@ 2003-01-11 8:53 ` Joel Newkirk
0 siblings, 0 replies; 2+ messages in thread
From: Joel Newkirk @ 2003-01-11 8:53 UTC (permalink / raw)
To: lawrence Of Arabia, netfilter
On Saturday 11 January 2003 03:10 am, lawrence Of Arabia wrote:
I am running quite a similar arrangement, everything on a RedHat 7.3 box.
I'm off to bed at the moment, but sometime late tomorrow I will email
you (off the list) regarding this. Apart from the firewalling script
itself, what you are interested in doesn't belong here anyway.
If you want to send me an email privately of what services you want to
run, and what zoneedit is currently handling, I can perhaps help out
some. Otherwise (unless you ask me not to) I'll write up a brief
explanation of what I have set up and how it works.
BTW, I'm not familiar with zoneedit.com's services, I use others, but the
net effect is the same, so my experiences should still prove helpful.
j
> Hey everyone,
>
> i have a slight problem. there is none yet, i just dont have a
> solution.
>
> i have a dsl connection with dynamic IP. i run an apache box 24/7 and
> mail. i have a domain. up to here it has been easy, all from zoneedit.
> but this does not offer me great security. so i look around and
> thought i would go with the linux box as a gateway/firewall option.
> because it seems the most secure, scalable solution. For someone not
> running services, this is rather simple. but since i will be offering
> services, it gets a little more complicated.
>
> in a perfect world, i would have one public ip, and a NAT lan ...
> all services would be run on nat and access the net from the linux
> gateway. up to here, its simple, port forwarding.
>
> BUT! i do not want to use port forwarding, one reason of many, i
> cannot add to many services of the same kind, AND it forces me to deal
> extensively with zoneedit. (i want total control, it would be PERFECT
> if zoneedit was out of the story) ...
>
> i also want hostname recognition, every box will have ftp and ssh
> anyway (plus http or pop3/imap depending) ...
>
> i want to be able to call john smith who works for bell south to talk
> to him about my credit status or his kids! not just ask the accounting
> department.
>
> well ...
>
> i have been looking into this for a while, and feel closer to it. I
> KNOW THERES A WAY! i just dont know it!
>
> i would greatly appreciate comments, suggestions, if you have a
> solution, it being with iptables only, an dns server, a proxy or all
> of those ... i dont care, i wanna hear it!
>
> thanks people ...
>
> lawrence
>
>
>
>
> _________________________________________________________________
> MSN 8 with e-mail virus protection service: 2 months FREE*
> http://join.msn.com/?page=features/virus
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-01-11 8:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-11 8:10 DNS - Firewall - Gateway - and services lawrence Of Arabia
2003-01-11 8:53 ` Joel Newkirk
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox