Re: Linux Firewall ???
From: Joe Bloggs (stuSpam-art@excite.com)Date: 04/09/02
- Next message: Reiner Griess: "Re: snort and port 53 <-> 53 false positives"
- Previous message: Don Kelloway: "Re: Trojan horse Scans"
- In reply to: Eirik Seim: "Re: Linux Firewall ???"
- Next in thread: Eirik Seim: "Re: Linux Firewall ???"
- Reply: Eirik Seim: "Re: Linux Firewall ???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Joe Bloggs <stuSpam-art@excite.com> Date: Tue, 09 Apr 2002 14:08:24 +0200
Eirik Seim wrote:
>
> This is absolutely true, but I like to have the "inside" and "outside" of
> the firewall on two different cables. You are thinking of having more than
> one IP on the network interface card, right? Or didnt I get your point?
>
> And by the way, the most recent firewalls I configured was on a 100Mbit switch,
> with a gigabit uplink to the Internet :)
>
> > Or... You could even have it as a layer two bridge filter!
>
> Sure, but still, I like to have separate cabling for the two network segments,
> and I would not recommend a single homed firewall solution here, or to a
> customer. But as you say, it will _work_.
>
> Anyone running a setup like this in a production environment? Comments,
> experiences, etc?
We had an internet facing single homed box with - yes - two seperate subnets running
into the same lan. Worked just fine but this was eventually changed to the classic
dual style..
Come to think of it we also ran filtering bridges separately...
Gigabit to the internet! Nice.. would love to get kazaa on that... but only 100mb to
the wall? Load balancing maybe? What system were they running and howdit cope?
- Next message: Reiner Griess: "Re: snort and port 53 <-> 53 false positives"
- Previous message: Don Kelloway: "Re: Trojan horse Scans"
- In reply to: Eirik Seim: "Re: Linux Firewall ???"
- Next in thread: Eirik Seim: "Re: Linux Firewall ???"
- Reply: Eirik Seim: "Re: Linux Firewall ???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
