firewalling addresses within the same subnetwork


Post by roo » Thu, 02 Jul 1998 04:00:00



How could I set up a firewall with IP Filtering on a network
where the IP addresses of the machines that I would like to
firewall are intermixed/within the same netmask as the machines that
are on the other side of the firewall?

In other words, I have a setup like this:
Machine Name            IP Address
A (within firewall)     192.168.0.5
B (outside firewall)    192.168.0.6
C (within firewall)     192.168.0.7
D (outside firewall)    192.168.0.8
E (outside firewall)    192.168.0.9
F (firewall)            192.168.0.10

I would like to set up machine F as the firewall machine, and secure
machines A & C behind the firewall, F. I can physically wire machines
A & C into the same hub, and then connect them directly to one
network connection on the firewall. The firewall would then connect to
the other machines via the second network interface.

                              B
A---------                   /
          \_____ F _________/_____D
          /                 \
C---------                   \
                              E

Would I use ARP on the firewall machine (F) to listen for the IP addresses
for machines A & B and then set up the firewall rules?

Ari Shapiro
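
One way the layout described in the post can be built is with proxy ARP plus host routes on F. The script below is an added example, not part of the original post; it only prints the commands. It assumes F runs Linux with iproute2 and iptables, that the interfaces are named eth0 (hub with A and C) and eth1 (B, D, E), that the subnet is a /24, and the forwarding policy shown is purely illustrative.

```shell
#!/bin/sh
# Added example: dry-run plan that makes F a filtering proxy-ARP router
# between two halves of one subnet. Nothing is executed, only printed.

INSIDE_IF=eth0                          # assumed name: interface facing A and C
OUTSIDE_IF=eth1                         # assumed name: interface facing B, D, E
FW_ADDR=192.168.0.10                    # machine F, from the post
PREFIX=192.168.0                        # first three octets of the assumed /24
INSIDE_HOSTS="192.168.0.5 192.168.0.7"  # machines A and C, from the post

plan_proxy_arp() {
    # The connected /24 route points outside; the inside interface gets the
    # same address as a /32 so it creates no competing subnet route.
    echo "ip addr add $FW_ADDR/24 dev $OUTSIDE_IF"
    echo "ip addr add $FW_ADDR/32 dev $INSIDE_IF"
    for host in $INSIDE_HOSTS; do
        case "$host" in
            "$FW_ADDR")  echo "skip $host: firewall's own address" >&2; continue ;;
            "$PREFIX".*) ;;  # inside the shared subnet, accept
            *)           echo "skip $host: not in $PREFIX.0/24" >&2; continue ;;
        esac
        # More-specific host route: this address lives behind the inside interface.
        echo "ip route add $host/32 dev $INSIDE_IF"
    done
    # With proxy_arp on, the kernel answers ARP on one interface for any
    # address it routes out of the other, so neither side needs new netmasks.
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "sysctl -w net.ipv4.conf.$INSIDE_IF.proxy_arp=1"
    echo "sysctl -w net.ipv4.conf.$OUTSIDE_IF.proxy_arp=1"
    # Illustrative policy (assumption): default deny, allow replies to
    # established flows, allow new connections only from inside to outside.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $INSIDE_IF -o $OUTSIDE_IF -j ACCEPT"
}

plan_proxy_arp
```

Because all traffic between the two groups is now routed through F, the FORWARD chain is the single place where filtering is enforced; A and C must have no other physical path to the outside segment.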