Firewall Wizards mailing list archives
Re: Iptables /Router
From: Christopher Hicks <chicks () chicks net>
Date: Sun, 12 Dec 2004 14:50:58 -0500 (EST)
On Sun, 12 Dec 2004, Marek Pawinski wrote:
I previously had a network with one Mandrake box A as a internet gateway (ISDN) using internet connection sharing to some desktops B.
Cool.
I now have a ADSL modem/router connected to the Mandrake box A and the router does the NAT and packet filtering.
Does it have to? Unless you're worried about someone attacking the Mandrake box then you'll probably find your life easier with only one NAT box in the chain.
I now notice that the internet connection seems to bypass box A and does not go through shorewall at all.
I think this is confusion.
grc.com shows that my IP is that of the router been scanned.
Sure. That the real routable IP. Unless you've run an Ethernet cable from your LAN directly into the router, each stage will do NAT seperately.
So my question is how can i set this up so shorewall on box A as well as the router protect the network ?
As long as your LAN is plugged into the shorewall and the router is plugged into the shorewall and the LAN and router aren't plugged into each other directly you're in good shape.
-- </chris> "Fans of Mozilla's free, open-source Firefox browser make the ardent Apple faithful look like a bunch of slackers." - Rebecca Lieb at clickz.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Iptables /Router Marek Pawinski (Dec 12)
- Re: Iptables /Router Paul D. Robertson (Dec 12)
- Re: Iptables /Router Christopher Hicks (Dec 12)