Re: routing, iptables & nat

> On Thu, 2005-07-21 at 22:42 -0500, Bill McCormick wrote:
>> Hello,
>>
>> I want to use my FC3 box to control outgoing traffic but still use my
>> Netgear router as the main FW. How can I accomplish this?
>>
>> My network (it's a home setup) is pretty basic and looks like this:
>>
>> Internet <----> DSL Router (NG FVS318) <-----> LAN
>>
>> The LAN is a wired FC3 and some wired and wireless Windows machines.
>> Currently, all clients with IP greater than the FC3 must proxy through
>> squid et al. on the FC3; the router blocks everything unless it's from
>> FC3. The FVS318 forwards incoming http, imap-ssl, pop-ssl, and ssl to
>> the FC3.
>
> Firestarter (http://www.fs-security.com/) works well for me on my home
> network, as well as for a local secondary firewall on work boxes.
> Haven't made much use of the outgoing traffic rules, but the capability
> exists in the GUI - can be either "Permissive/blacklist" or
> "Restrictive/whitelist".

or just set your fc-box with 2 nics as a router.

for this, set in /etc/sysctl.conf the following:

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

to get your box immediately as a router without rebooting, do this:

echo 1 >/proc/sys/net/ipv4/ip_forward

your box will route immediately. make sure, port 3128 for your squid is
opened on the fc for your clients. On your clients, set your FC3-Box as
default Gateway. On the FC3-Box, set your FVS318 as default gateway. This
should do what you want.

HTH
Roger

>
> Phil
>
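With net.ipv4.ip_forward set to 1 as in the reply above, the box forwards whatever its FORWARD chain accepts, so controlling outgoing traffic also depends on that chain's policy. The following is an added example, not part of the original thread: a shell function that validates its arguments and prints iptables commands for a default-drop FORWARD chain. The interface names eth1 (LAN) and eth0 (facing the FVS318) and the ports 993 and 995 are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not run) iptables commands for a default-drop
# FORWARD chain on a two-NIC router. Interface names and ports are assumptions.

# valid_port PORT: succeeds only for an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_iface NAME: succeeds only for a plain interface name such as eth0
valid_iface() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# forward_rules LAN_IF WAN_IF PORT...: commands on stdout, status 2 on bad input
forward_rules() {
    [ "$#" -ge 3 ] || { echo "usage: forward_rules LAN_IF WAN_IF PORT..." >&2; return 2; }
    lan=$1; wan=$2; shift 2
    if ! valid_iface "$lan" || ! valid_iface "$wan"; then
        echo "bad interface name" >&2; return 2
    fi
    # Validate every port before printing anything, so the output is all-or-nothing
    for p in "$@"; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 2; }
    done
    # Policy first, then flush: the chain fails closed while rules are re-added
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"
    # Replies to connections already allowed out
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # New outbound TCP connections, LAN to WAN, only to the listed ports
    for p in "$@"; do
        echo "iptables -A FORWARD -i $lan -o $wan -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    # Log what the DROP policy is about to discard
    echo "iptables -A FORWARD -j LOG --log-prefix 'FWD-DROP: '"
}

# Constructed sample: eth1 = LAN side, eth0 = side facing the FVS318
forward_rules eth1 eth0 993 995
```

Review the printed commands first, then pipe them to sh as root to apply them.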


