[Shorewall-users] Firewall Requirement

Bhavin Modi modi_bhavin at hotpop.com
Sat Dec 20 11:33:57 PST 2003


I think I presented the network in a wrong manner.

Here is the correction.

Router(/30) < -- > Firewall external interface (/30)
                                 |
                          Firewall DMZ interface (/24) <----> Public Network
(/24)
                                 |
                          Firewall pvt. network interface (rfc1918) <---->
Private Network (not used as HTTP filtering causes extra load on firewall)


The gateway for firewall is the router IP address.
The gateway for public network is firewall DMZ interface address.

Thanks,
~Bhavin.

----- Original Message ----- 
From: "Tom Eastep" <teastep at shorewall.net>
To: "Mailing List for Experienced Shorewall Users"
<shorewall-users at lists.shorewall.net>
Sent: Friday, December 19, 2003 8:41 PM
Subject: Re: [Shorewall-users] Firewall Requirement


> On Fri, 19 Dec 2003, Bhavin Modi wrote:
>
> > I have a live class C network(on T1) which routes from the provider
through
> > a router on a /30 network.
> >
> > Router(/30) < -- > Firewall external interface (/30)
> >                                 |
> >                                 |----> Public Network (/24)  (I have a
linux
> > proxy(squid) which serves the private network. I want to remove this.)
> >                                 |
> >                                 |----> Private Network (not used as HTTP
> > filtering causes extra load on firewall)
> >
>
> The above is totally incomprehensible.....
>
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep at shorewall.net
>
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>
>




More information about the Shorewall-users mailing list