From: Simon H. <li...@th...> - 2007-03-31 13:18:12
|
java guru wrote: >Thanks. Yes, I will be running squid on the same >machine as shorewall. > >Are you saying that if I install squid, I wouldnt need >shorewall anymore ? No I didn't say that. What I said is that you do not need to route packets from cablemodem to dial-up modems - because you will simply never have them delivered to you anyway. You WILL probably still want to use Shorewall (or any other firewall setup that you wish) in order to secure your setup. >a) I want to block all incoming ports from >ppp(0,1,2..) to secure it Set the policy from the zone containing the dialups to internal zones (and firewall) to drop. >b) I am trying to achieve a way to distribute the out >going http, https traffic onto ppp interfaces. And >from what read, squid isnt very good at that type of >routing . So I thought I would use shorewall + squid. Read the bit in teh docs about multi ISP setup ? >Any thoughts ? Yes, apart from the above, please learn to properly quote & trim messages, and post your new material below that to which it refers. |