[Wylug-help] Bridge Filtering

James Holden james at jamesholden.co.uk
Mon, 20 Jan 2003 12:07:59 -0000 (GMT)


Dan,

Trying hard not to be a cynic here, but I don't think I'd favour a
consumer hardware firewall over the openbsd box.

Why not ditch the connexant and stick a 3rd NIC in the openbsd firewall?
Can the connexant do something that openbsd can't?

My experience lies in iptables though, not ipf. Works fine for me on linux
here (www.microcosmos.co.uk). The webserver is nicely protected behind the
firewall.

James



> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Well, as some of you know, I have two firewalls at home:
>
> e.g.:
>
> 			------>flatmate's Windows boxes
> Conexant ----|
> Firewall		-------> Open BSD firewall ---->My boxes
>
>
> Which works reasonably well.
>
> Except I can't serve from it - I can use the 'Virtual server' functions
> to forward ports from the Conexant Box to the OpenBSd firewall. Except I
> can't, beacause it doesn't work. (Connection refused, every time)
>
> So, I'd like the OpenBSd firewall to have it's own public IP address (We
> have a spare one from the ISP)
>
> Can I use the 'Bridge Filtering' function to do this if I set the
> OpenBSD firewall's IP address to a public one?
>
> Will the windows boxes still [work | behave the same as usual]?
>
> (Conexant firewall docs can be found at
> http://www1.planet.com.tw/FAE/ftp/ADSL/ADE3000/EM-ADEV2.pdf )
>
> Am I barking completely up the wrong tree here?
>
> Dan
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE+K8mLC2kcpPIIs7gRAgSDAJ9TWLDYc9Ks0VQNz9Wa8ZyqX+UGdwCeO6mb
> DuJT6HO3h+cP/aI/d58qwn4=
> =PJK6
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Wylug-help mailing list
> Wylug-help@wylug.org.uk
> http://list.wylug.org.uk/mailman/listinfo/wylug-help