Re: Help! Can I do this for under $400?
From: Nigel Wade (nmw_at_ion.le.ac.uk)
Date: Fri, 10 Sep 2004 11:28:34 +0100
On Fri, 10 Sep 2004 03:16:18 +0000, Jack Dimple wrote:
> Dear Void:
> The simple but very legitimate response to your question is the non-
> profit organization does not have the computer budget for more. While it
> is true that $400 is small change for Corporate 500 or even Corporate
> 5000 firms, it is not a small investment to little organizations or
> mom&pop stores.
> It may be there is a big customer gap which no company is willing to fill
> for now. There are ultra-low end $50 appliances like Linksys/Netgear and
> then there are big irons like your Firebox at over $1500.
> I don't know but at the rate of non-responses to my inquiry, I suspect
> that you are maybe right that $400 will not be enough to get the
> organization what it needs. And that's a shame.
A basic PC running Linux and an IPtables firewall can provide the security
you need at the price level you want to pay.
However, what you save in money you have to pay for in increased
complexity, and the investment of time in learning how to administer
securely the Linux box, and how to setup and maintain the firewall rules.
You won't get something for nothing.
>From what I see of SmoothWall it should do what you require. "Address
filtering" can be achieved in the normal rules. There is a field for
"External IP or network" where you enter which source addresses are
allowed to connect to the given destination IP/port.
For ports 80/443 you would leave the "External IP" field blank to allow
all incoming requests. For other ports you would need one rule for each
external IP/subnet for each of the 3 servers to allow external staff to
-- Nigel Wade, System Administrator, Space Plasma Physics Group, University of Leicester, Leicester, LE1 7RH, UK E-mail : email@example.com Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555