From: <ee...@fr...> - 2005-03-15 00:25:42
Hi,

Try http://www.shorewall.net

It's VERY well documented, with lots of howtos and extensively commented configuration files, and you don't need to have understood the "art of iptables" to use it in "unusual 4 nets" configurations.

You can begin by editing each file in /etc/shorewall/ and READ the samples in there. Then you'll figure out you only have a few to modify, mainly "interfaces, masq, params, policy, (rules) and zones".

About scheduled internet access, I have no experience with that, but a basic hack could be to have two policy files: policy.day and policy.night; then add two entries in /etc/crontab, one to overwrite /etc/shorewall/policy with policy.day at 8:00 and one with policy.night at 20:00 (for example).

policy.night should have something like

...
lan2 net ACCEPT
lan3 net DROP # or REJECT as you prefer
...

and policy.day should have something like

...
lan2 net ACCEPT
lan3 net ACCEPT
...

Shorewall is very simple to understand and can also be tuned easily as you understand more tips and tricks in the art of firewalling :-)

Have Fun,
MaNU
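
The cron-driven policy swap described in the message above, as an added example that is not part of the original post: a script that installs policy.day or policy.night, validates it with `shorewall check`, and runs `shorewall restart` so the new policy actually takes effect. The script path in the crontab comment and the SHOREWALL_DIR / SHOREWALL_BIN override variables are assumptions of this example.

```shell
#!/bin/sh
# Added example. Suggested /etc/crontab entries (script path is hypothetical):
#   0 8  * * * root /usr/local/sbin/shorewall-schedule day
#   0 20 * * * root /usr/local/sbin/shorewall-schedule night

# Overridable for testing; both variable names are this example's own.
SHOREWALL_DIR="${SHOREWALL_DIR:-/etc/shorewall}"
SHOREWALL_BIN="${SHOREWALL_BIN:-shorewall}"

# apply_policy day|night
# Installs policy.<variant> as the active policy, validates, then restarts.
apply_policy() {
    variant="$1"
    case "$variant" in
        day|night) ;;
        *) echo "usage: apply_policy day|night" >&2; return 2 ;;
    esac
    src="$SHOREWALL_DIR/policy.$variant"
    dst="$SHOREWALL_DIR/policy"
    [ -r "$src" ] || { echo "missing $src" >&2; return 1; }

    # Already active: skip the restart so a repeated cron run is harmless.
    if [ -f "$dst" ] && cmp -s "$src" "$dst"; then
        return 0
    fi

    # Keep the previous policy for rollback, then replace via rename so the
    # live file is never left half-written.
    [ -f "$dst" ] && cp -p "$dst" "$dst.prev"
    tmp="$dst.tmp.$$"
    if ! cp -p "$src" "$tmp" || ! mv -f "$tmp" "$dst"; then
        rm -f "$tmp"
        return 1
    fi

    # Copying the file changes nothing in the running ruleset; validate the
    # configuration first and restart only if it parses.
    if ! "$SHOREWALL_BIN" check >/dev/null 2>&1; then
        [ -f "$dst.prev" ] && mv -f "$dst.prev" "$dst"
        echo "policy.$variant rejected by 'shorewall check'" >&2
        return 1
    fi
    "$SHOREWALL_BIN" restart >/dev/null
}

# Run from cron with one argument; sourcing the file only defines the function.
if [ $# -gt 0 ]; then
    apply_policy "$1"
fi
```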