[Fwbuilder-discussion] fwbuilder + iproute2 questions
Brought to you by:
mikehorn
Menu
▾
▴
[Fwbuilder-discussion] fwbuilder + iproute2 questions
|
From: Bradley M A. <st...@tu...> - 2005-08-25 23:16:35
|
Hi, I'm trying to get my brain around how to configure a firewall I am building. I'm not sure how much falls under iproute and how much is fwbuilder. I'm building on a firewall with 6 interfaces, configured as follows: eth0 - internal network eth1 - kiosk network eth2 - customer waiting area network eth3 - external connection, provider 1 eth4 - external connection, provider 2 I need to configure this such that the customer waiting area network (eth2) and the kiosks (eth1) route out on provider 2 (eth4), and the internal network (eth0) routes out on provider 1 (eth3). Based on my early research, I'm going to need to do the routing through iproute2, and I am trying to figure out the best way to do it. Once I get into fwbuilder, am I going to need to build my rulesets on each individual interface or just provide generalities in the policy section and allow iproute to handle the routing? I still have a lot of questions in my mind about how the interface-specific rules are employed. If anyone has any wisdom on the best way to configure this firewall, I would very much appreciate it. -- --Brad ======================================================================== Bradley M. Alexander | IA Analyst, SysAdmin, Security Engineer | storm [at] tux.org Debian/GNU Linux Developer | storm [at] debian.org ======================================================================== Key fingerprints: DSA 0x54434E65: 37F6 BCA6 621D 920C E02E E3C8 73B2 C019 5443 4E65 RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A C8 9C F0 93 75 A0 01 34 ======================================================================== Time is what keeps everything from happening to us all at once. |