On Wed, 2005-01-26 at 19:40 +0100, Franco wrote:
> Hi, what I need is this:
> I have a Cisco router and 8 servers with 8 public IPs,
> now I need a firewall and I want to set up a Linux server
> as a firewall to filter all incoming traffic from the router and
> pass it to the servers if the firewall policy has passed.
>
> What I need to know is how I can set up the Ethernet card
> to use it as a firewall-gateway for my public LAN.
> Best regards.
>

All you need is to set up the Linux system with *two* Ethernet cards (not
one, as your text seems to suggest) connected this way:

    Cisco <---> Linux firewall <---> Ethernet Switch <---> Servers

Once you have both Ethernet interfaces, Shorewall has NAT and
masquerading abilities that are more than ample for your needs. I do
this kind of thing quite frequently.

However, as some other poster pointed out, this sounds very much like a
system on which your business will depend; and that makes the cost of
any mistakes, or downtime, or a cracked firewall, much higher (perhaps
more than you can afford). Are you sure you want to set this up as your
first project? Perhaps you would be well advised to set up a test system
or three, get to know the software involved, and understand the material
better before you go "live"?

Also, is there a reason you are using such a powerful box for your
firewall? You have 2,700 MHz and probably don't need more than 200 MHz;
and you have 768MB of RAM where at most you likely need 64MB. I don't
suggest that you *must* use old and underpowered hardware! I simply
would like to be sure that you are not under the opposite mistaken
impression (i.e. that you actually need this much power).

Cheers,

--
Rodolfo J. Paiz <rpaiz@xxxxxxxxxxxxxx>