RE: [Bastille-Linux-discuss] Bastille-firewall design, custom rules
This tool locks down Linux and UNIX systems.
Brought to you by:
jay
From: Bruce D. M. <gh...@ro...> - 2001-05-26 15:14:38
|
I guess I need to reread my 'building firewalls' book. For some reason I thought I had to switch to private IP space when doing NAT. Thank you. Bruce > > You could do that right now with bastille-firewall-early.sh. > All you need > are a few rules in the FORWARD chain that allow whatever traffic needs > to pass between the DMZ interface and the other interfaces. > > Jay has also talked about building DMZ questions into > Bastille, probably > offering both a straight forwarding option and a DNAT option, > too. I'll be here ready to test any of that stuff when it is ready for testing! Bruce |