How to set up a Linux Box as a gateway/firewall between two networks?


Post by Patrizio Trinchin » Fri, 02 Nov 2001 18:56:45



Hi Folks,

I'm quite new to linux networking so I don't know if this
question may be considered a silly one!
I'd like to use a multi-homed Linux Box as a gateway/firewall
between two networks, as in the following ascii art layout:

(please, if the drawing is not clear, change the font to a fixed one!)

  --+--
  Unsec
   Box
  --+-- (146.84.180.10)
    |
----+-----+-------------- 146.84.180.x
          |
        --+-- Unsecure IF (146.84.180.1)
        Linux
         Box
        --+-- Secure IF (10.0.0.1)
          |
----------+-------+------ 10.0.0.x
                  |
                --+-- (10.0.0.10)
                 Sec
                 Box
                -----

E.g. I'd like to be able to ping/telnet/ftp/... the Sec Box
from the Unsec Box, using the Linux Box as a NAT, as well as
being able to ping/telnet/ftp/... the Unsec Box from the
Sec Box; in other words, I'd like to separate the two networks
to be able to control every packet in transit using Linux
ipchains or something similar.

Is this a possible dream?

Is there someone who can suggest the right way to do the trick?

Thanks a lot for your time and attention!!

Regards/Ciao,

     Patrizio

 
 
 


Post by Dean Thompso » Fri, 02 Nov 2001 21:05:16


Hi!,

> I'm quite new to linux networking so I don't know if this
> question may be considered a silly one!
> I'd like to use a multi-homed Linux Box as a gateway/firewall
> between two networks, as in the following ascii art layout:

[...]

> E.g. I'd like to be able to ping/telnet/ftp/... the Sec Box
> from the Unsec Box, using the Linux Box as a NAT, as well as
> being able to ping/telnet/ftp/... the Unsec Box from the
> Sec Box; in other words, I'd like to separate the two networks
> to be able to control every packet in transit using Linux
> ipchains or something similar.

Take a look at the IPCHAINS-HOWTO (http://www.linuxdoc.org).  This will
provide you with the basic template on how you can do things like IP Masq'ing.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+
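
Added example, not part of the original thread or of the IPCHAINS-HOWTO: an ipchains rule set for the topology in the question, with a default-deny forward policy, anti-spoofing on both interfaces and masquerading for the 10.0.0.x side. The interface names `eth0`/`eth1` and the /24 mask are assumptions; the addresses come from the diagram. As written it forwards only connections initiated from the 10.0.0.x network.

```shell
#!/bin/sh
# Added example: emit an ipchains rule set for the two-homed gateway in the
# question. Interface names and the /24 mask are assumptions.
UNSEC_IF="${UNSEC_IF:-eth0}"       # assumed name of the 146.84.180.1 interface
SEC_IF="${SEC_IF:-eth1}"           # assumed name of the 10.0.0.1 interface
SEC_NET="${SEC_NET:-10.0.0.0/24}"  # secure network from the diagram

# Print the commands one per line so they can be reviewed before being applied.
# Arguments: unsecure interface, secure interface, secure network.
gateway_rules() {
    unsec_if=$1
    sec_if=$2
    sec_net=$3
    cat <<EOF
ipchains -F input
ipchains -F forward
ipchains -P forward DENY
ipchains -A input -i $unsec_if -s $sec_net -j DENY -l
ipchains -A input -i $sec_if -s ! $sec_net -j DENY -l
ipchains -A forward -i $unsec_if -s $sec_net -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}
# Rule order, top to bottom:
#   1-2  start from empty input and forward chains
#   3    anything not explicitly forwarded is dropped
#   4    log and drop packets arriving on the unsecure side that claim a
#        secure-network source address (spoofing)
#   5    log and drop packets on the secure side with a foreign source
#   6    masquerade secure-network traffic leaving via the unsecure interface
#   7    enable routing only after the filter rules are in place

# Dry run by default; APPLY=1 (as root, on a kernel with ipchains) runs them.
if [ "${APPLY:-0}" = 1 ]; then
    gateway_rules "$UNSEC_IF" "$SEC_IF" "$SEC_NET" | sh -e
else
    gateway_rules "$UNSEC_IF" "$SEC_IF" "$SEC_NET"
fi
```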

 
 
 


Post by W. E. Earle » Mon, 19 Nov 2001 00:35:38


Take a look at FreeS/WAN (http://www.freeswan.org).
I think it'll do you a better job of what you're looking for.



> Hi Folks,

> I'm quite new to linux networking so I don't know if this question may
> be considered a silly one! I'd like to use a multi-homed Linux Box as a
> gateway/firewall between two networks, as in the following ascii art
> layout:

> (please, if the drawing is not clear, change the font to a fixed one!)

>   --+--
>   Unsec
>    Box
>   --+-- (146.84.180.10)
>     |
> ----+-----+-------------- 146.84.180.x
>           |
>         --+-- Unsecure IF (146.84.180.1)
>         Linux
>          Box
>         --+-- Secure IF (10.0.0.1)
>           |
> ----------+-------+------ 10.0.0.x
>                   |
>                 --+-- (10.0.0.10)
>                  Sec
>                  Box
>                 -----

> E.g. I'd like to be able to ping/telnet/ftp/... the Sec Box from the Unsec
> Box, using the Linux Box as a NAT, as well as being able to
> ping/telnet/ftp/... the Unsec Box from the Sec Box; in other words, I'd
> like to separate the two networks to be able to control every packet in
> transit using Linux ipchains or something similar.

> Is this a possible dream?

> Is there someone who can suggest the right way to do the trick?

> Thanks a lot for your time and attention!!

> Regards/Ciao,

>      Patrizio

 
 
 
