| 1 |
On 21:42 Thu 06 Oct , Mark wrote: |
| 2 |
> I'd like to build a gentoo box to act as a single router between a |
| 3 |
> hardware firewall (appliance) and two internal separate network segments. |
| 4 |
> The goal is to allow both internal segments to access the Internet via the |
| 5 |
> same firewall, but not allow them to see eachother. |
| 6 |
> |
| 7 |
> Here's my general idea - please tell me if it makes sense so far. |
| 8 |
|
| 9 |
Your outline looks good. Haven't ever used a hardware firewall, though. |
| 10 |
|
| 11 |
My setup is a firewall/router, external port to dsl modem, two internal, |
| 12 |
one wired, one wireless. I bridged the two internals into a single subnet. |
| 13 |
|
| 14 |
I used: |
| 15 |
|
| 16 |
http://www.gentoo.org/doc/en/home-router-howto.xml |
| 17 |
|
| 18 |
as my guide, then did some googling on bridging for the rest. Works great! |
| 19 |
|
| 20 |
By the way, I used iptables for the firewall, but there is some terrific |
| 21 |
documentation for shorewall, which you might find a bit easier. |
| 22 |
|
| 23 |
Bill Roberts |
Archives