>> Hey guys,
>> Here is my situation: My company is in the process of getting a direct
>> internet connection, and we are considering putting in a firewall. We use NT/
>> 95 machines in the office and NT servers. We are considering using linux as a
>> firewall between the internet and our in-house network. Here are a few
>> questions I have.
>> 1) Can I do this?
>> 2) I don't want everyone to have accounts on the linux box, do I need
>> to give accounts to make a proxy server work?
>> Thanks for your help,
>> Mark
>shure, it IS possible and no problem to configure. use your linuxBox as
>a packet-filter with 'ipfwadm' and as a proxy with 'the firewall
>toolkit' or even 'squid'. There is a howto aviable somewhere which
At the company I work for I decided to go with this solution. It works
quite well, and wasn't too bad in setting up. With ipfwadm, the
configuration can be set to be very secure, and you don't need to deal
with proxy servers. While the proxy may give you better security, I'm
not to sure that it will. The ipfwadm can only allow outgoing tcp
connections, and only to certain ports, etc. As well, the system we
are using is a 386sx/16 with 8 megs of ram. That seems to be more the
enough to saturate our 128k frame relay.
Good luck,
Erick Thompson
by