I have a Linux proxy firewall protecting my internal LAN. IP forwarding and
some other networking functions have been removed from the kernel and all is
I now want to introduce a DMZ so was planning on putting a third network
card in my firewall and thus creating a another subnet for the DMZ. The
problem is to access this network from my internal/external networks I need
to enable IP forwarding to route from these interfaces to the new one.
Is this the correct way do do things? I was under the impression that IP
forwarding was to be kept off the a proxy firewall?