From: Anders Fugmann <afu@fugmann.dhs.org>
To: Rowan Reid <rreid@studio3arc.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Internal ip exiting network on firewall external nic despight rule
Date: Sat, 21 Sep 2002 15:01:09 +0200 [thread overview]
Message-ID: <3D8C6D95.1070308@fugmann.dhs.org> (raw)
In-Reply-To: 000101c260f4$c5861260$0801a8c0@s3ac
Rowan Reid wrote:
> Since I'm cheap I don’t want to purchase another hub, I have my T1,
> connected to a hub with my Firewall extif, my VPN extif and the hub is
> connected to my switch this allows my to access the net directly and
> through the firewall from my station, this is for diagnostic purposes so
> I don’t have to play cable switcher.
I really do not understand why you do not want all traffic to go through
your firewall. A firewall is supposed to shield off any unwanted traffic
to ever enter the internal network, which is only accomplised, if all
traffic _must_ go through the firewall.
This could be accomplished simply by connecting your external interface
on the firewall directly to the T1 entry point, and the switch/hub to
the internal network interface.
The "diagnostic purposes" you are talking about are rendered useless
with the configuraion you are describing - not to mention the _serious_
degradation of your network.
Regards
Anders Fugmann
next prev parent reply other threads:[~2002-09-21 13:01 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-20 18:37 Internal ip exiting network on firewall external nic despight rule Rowan Reid
2002-09-20 19:05 ` Antony Stone
2002-09-20 20:59 ` Rowan Reid
2002-09-20 21:36 ` Antony Stone
2002-09-20 21:58 ` Rowan Reid
2002-09-20 22:43 ` Antony Stone
2002-09-20 23:10 ` Rowan Reid
2002-09-20 23:32 ` Antony Stone
2002-09-20 19:13 ` Tom Eastep
2002-09-20 19:11 ` Rowan Reid
2002-09-20 19:34 ` Antony Stone
2002-09-20 19:40 ` Tom Eastep
2002-09-20 21:24 ` Rowan Reid
2002-09-20 21:54 ` Antony Stone
2002-09-20 22:26 ` Rowan Reid
2002-09-20 23:01 ` Antony Stone
2002-09-20 23:13 ` Rowan Reid
2002-09-20 23:37 ` Antony Stone
2002-09-21 1:00 ` Tom Eastep
2002-09-21 13:01 ` Anders Fugmann [this message]
2002-09-20 19:36 ` Tom Eastep
2002-09-20 19:53 ` Alistair Tonner
[not found] <000d01c260e8$df710380$0801a8c0@s3ac>
2002-09-20 21:44 ` Antony Stone
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3D8C6D95.1070308@fugmann.dhs.org \
--to=afu@fugmann.dhs.org \
--cc=netfilter@lists.netfilter.org \
--cc=rreid@studio3arc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox