On Mon, 2003-12-08 at 15:06, A.J. Bonnema wrote:
Hi guys,
I read your advice on using firewall tools, so I started using firestarter. Now I have the following problem. My network has two internet connections I might use:
1. eth1 = internal traffic + traffic from the internet through a physical router/firewall
2. A connection through my telefone line which I will use if the ADSL connection is down.
So what I need is for all traffic from the eth1-card to be accepted and all traffic from the telefone line to be scrutenized by the fire wall.
If you want to allow all traffic from eth1 card to be accepted then you
don't want a firewall at all, except when you're using the telephone
line/modem.
That occurred to me, however, I will be blocking the internal network traffic too. And what I want is the internal servers (like Samba) to be usable for the internal devices and not usable from anywhere else. The external firewall takes care of the ADSL connection through the ethernet card.
That's why I was wondering whether I could have both: complete freedom on the ethernet card and a strict firewall from the telephone line.
If this is the case then set up your firewall in
firestarter to be very restrictive (only applying to the modem dial-up
connection) and on the second page of the wizard, choose "ppp0" (or
similar)
For some reason this interface doesn't appear in firestarter. Only eth1.
Lokkit did detect the ppp0 device as does the "network device control" from "system tools".
and tick 'Start the firewall on dial-out'. Go through the rest
of the wizard relating to ppp0 (blocking just about everything).
Cheers,
Daniel
Guus. -- A.J. Bonnema, Leiden The Netherlands, user #328198 (Linux Counter http://counter.li.org)
