[Wolves] Dual-green Smoothwall

Ron Wellsted wolves at mailman.lug.org.uk
Wed Aug 27 14:01:00 2003 

On Wed, 27 Aug 2003, Old Dan wrote:

> 'lo
>
> Hate to go all, like, on-topic and stuff on y'all but...
>
> I'm running a smoothie box here facing the internet with the 'old'
> swerver, running postgres, cyrus IMAP, opengroupware, samba and whatnot
> for the network on green.  It's a straight red-green configuration with
> the 'net dual-natted, with a portforward thingie going on ports 25 and
> 80 for the opengroupware/cyrus stuff.
>
> The thing is, what I would like to do is have a red-orange-green setup
> with the server on orange.  This is, of course, eminently doable except
> for one thing:  I need two green interfaces, because I have both a wired
> 100baseTX subnet and a wireless subnet going simultaneously, both routed
> together through iptables on the server so both subnets can see each
> other. Smoothie GPL just won't do that.  Neither, it seems, will the
> paid smoothie version, or so I'm led to believe.
>
> Maybe I'm wrong there.
>
> What I'm not sure of is whether to switch to IPCop(if it'll even do it),
> pay smoothwall =A3=A3=A3 for the corporate version plus the smoothdualgre=
en or
> whatever module (I did read somewhere what the name of it would be,
> together with a 'that's hard to do and it's on hold for now as no-one
> seems to want it' message) or blatantly nick(*) the iptables/snort setup
> of smoothwall and extend it for the multiple interfaces on some sort of
> minimal Debian install.  What I *really* don't want to do is have to go
> into the nooks and crannies of the existing smoothwall config files and
> do it that way, especially since I suspect that when the next security
> update from Smoothwall appears it'll probably break any changes I make.
>
> Has anyone come across this?
> ::peers at crowd::
>
> --
> Dan
> (*) Aha!  So *that's* what open-source is for!  ;)
>

Take a look at Mandrake MNF8.2, This needs a slightly bigger box than
smoothy but will do everything you want.
The free download version is the same as the paid for supported version,
supports multiple VPNS, and upto  6 network cards in any config you want.

--=20
Ron Wellsted
http://www.wellsted.org.uk
ron@wellsted.org.uk