Re: Routing problem

[mike808 <mike808@users.sourceforge.net>]

On Saturday 31 August 2002 11:28 pm, Nate Reindl wrote:
> Here's the problem.  I'd like to have a good percentage of my machines (my
> servers, my workstation, the router, and whatever dad wants) to be seen
> from the outside world.  Trying to SSH into my workstation from some
> location other than my LAN is impossible because of my current config. 
> Likewise with my servers. It's just a RPITA.  To give you a slight idea of
> what I'm talking about:

Do yourself a favor and get thee hence to http://www.shorewall.net/.

Check out the three zone configurations with DMZ.

Check out the SNAT and DNAT sections.

You can even proxy ARP requests to *really* make your internal DMZ machine 
look like it's really on the net.

> What I was aiming for, though, were actual commands or decent docs to get
> this thing off the ground.  I have my basic setup going right now ala my
> hackup of Eric's rules, but reaching my objective still has to be done. 
> Like I said in my original mail, I can't find *any* documentation on how to
> do this whatsoever.

http://www.shorewall.net/. I'm not kidding. Read the docs. Very enlightening.
Very easy to setup and understand your configuration.
I didn't believe it, looked for other solutions, and then caved, and never 
looked back. I don't know why I was being so stubborn when my brother pointed 
out this great tool to me.

Mike808/
-- 
() Join the ASCII ribbon campaign against HTML email and Microsoft-specific
/\ attachments. If I wanted to read HTML, I would have visited your website!
Support open standards.


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.