From: Andrea Tasso <andrea@tasso.info>
To: netfilter@lists.netfilter.org
Subject: need help firewalling homebrew http+smtp+dns+vpn
Date: Sun, 21 Dec 2003 08:07:57 +0100
Message-ID: <20031221070757.GD15390@dragonII>

hello, these are my naive questions, I am a newbie:

I need to firewall my homebrew linux boxes, say to close everything I can to/from outside (internet), and do
everything inside my vpn. On the FIREWALL machine I also run some servers whose services/ports must remain
accessible to/from outside. Those kinds of connections I also need to make to servers outside.
All the machines of the VPN need to be free to surf the outside internet. So masquerading and forwarding are
also needed.

thanks a lot for your help,
Andrea
That's my box: (see also below for explanations)

 ------------------                        -----------
| 192.168.8.2 eth0 |-----|                | FIREWALL |
 ------------------      |      ---------- - - - - - - ----------
                         |-----| eth1 192.168.8.1                |
 ------------------      |     |                                 |
| 192.168.8.3 eth0 |-----|     |                   10.0.0.1 eth0 |----------|
 ------------------            |                                 |          |
                          |----| wlan0 192.168.2.1               |          |
 -------------------      |     --- - - - - - - - - - - - - - ---           |
| 192.168.2.2 wlan0 |-----|    | servers: ssh:22                 |          |
 -------------------           |          http:80                |          |
                               |          https:443              |          |
                               |          dns:42/53(?)           |          |   my VPN: everything
                               |          smtp:25                |          |
                               ------------------------- ---------              in/out (ssh,http,https,dns,smtp +
                                                        |                       "masqued web browsing")
                                                        |
                                                        |                       "outside"
                                                        |
                                            -------------------------
                                 ----------| eth0                    |
                                           | dsl 10.0.0.138          |
                                           | router                  |
                                 ----------|                         |
                                           | dummy(*) ip             |
                                           | 111.69.96.69.96         |
                                           | ppp0 (?)                |
                                            -------------------------
                                                        |
                                                        |
                                                    internet

(*) dummy ip: the dsl router has a fixed ip I do not write for security
(?) the question mark is for stuff I am not sure about