[Shorewall-users] Shorewall as a "commercial" firewall
mfedyk at matchmail.com
Fri Sep 3 13:32:01 PDT 2004
Stephen Carville wrote:
>I am considering replacing my old checkpoint and watchguard firewalls witha
>single Linux box using iptables and shorewall. I have two ISP's (with
>separate routing tables), two DMZ's, at least one VPN to a remote office, and
>a local trusted network. The configuration will look like:
> | |
>net0 ----------+ eth1 eth3 +---- DMZ0 (~20 nodes)
> | |
>net1 ----------+ eth2 eth4 +---- DMZ1 (~5 nodes)
> | eth0 |
> Local (~120 nodes)
>The 1.544 M$ question is can Shorewall handle this kind of a setup? I've used
>shorewall for my home network but has anyone out there used it in the kind of
>environment shown above?
I have a similar setup except with only one DMZ and different ethX
numbers for each network.
Works great. I was using FIAIF before, but Shorewall is much simpler to
setup and still offers more functionality.
More information about the Shorewall-users