The UNIX and Linux Forums  

09-22-2006
DraconianTimes
Registered User
 

Join Date: Jul 2004
Location: United Kingdom
Posts: 23
Quote:
Originally Posted by pathological
We will have the internet coming through to the modem which will proceed to the Firewall (Hardware) then from there to the UNIX Firewall server, then out to the network. So I will need to figure out how to route, have the signal come in on eth0 and then go back out on eth1. Then set up my rules in between.
Without wanting to start a flame war, for what you have described I would use OpenBSD, not FreeBSD. OpenBSD has an excellent track record for security, and it comes with a built-in firewall called "pf" which is highly configurable and allows all manner of traffic manipulation. OpenBSD is free to download and runs on many architectures including i386 and sparc. To enable routing on an OpenBSD box, read this.

OpenBSD Project Homepage
OpenBSD FAQ
OpenBSD pf FAQ

Can you clarify your network config? Is it really:

INTERNET -> Modem -> Hardware Firewall -> New Firewall -> LAN ?

If you're going to be doing any hosting or public access boxes (e.g. web server) these should be situated between your two firewalls in a DMZ or alternatively hand off a separate interface.

HTH
Nick