RES: Can someone help me to configure my DMZ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

I'm attaching a new picture and now you can see ecxactly what i've written.

Thanks a lot in advance,
Wagner.

-----Mensagem original-----
De: netfilter-admin@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]Em nome de Arnt Karlsen
Enviada em: terca-feira, 19 de agosto de 2003 12:34
Para: netfilter@xxxxxxxxxxxxxxxxxxx
Assunto: Re: Can someone help me to configure my DMZ?


On Fri, 15 Aug 2003 16:22:40 -0300, 
"Wagner" <wagnergc@xxxxxxxxxxxxxxxxxxxxx> wrote in message 
<002a01c36362$98b74bc0$0e021b0a@WAGNERGC>:

> Hello,
> 
> I'm new to iptables and i'll have to configure my DMZ like this:

...no, you didn't, because you made your ascii art too wide.

..squeeze it to within 72 characters or less, and repost.

> 
>                                     ______________________
>                                     |                               
     |>                                     |         INTERNET          
 |>                                     |_____________________|
>                                                      |
>                                                      |  STATIC IP
> (200.X.X.X - ETH0)
>                                      _________|______________
> STATIC IP                     |           FIREWALL              |
> (192.168.0.1 - ETH2)      |          RED HAT 9               |
>            ______________|  WEB SERVER (APACHE)
>            |__________________________                        |  DNS
>            |SERVER (BIND)        ||
>            |                        |  FTP SERVER                   |
> STATIC IP (10.0.0.1 - ETH1)   |
>            |                        |________________________|
> |
>            |
> | STATIC IP (10.0.0.2 - ETH0)
>            |
> ______________|_________
>            |
> |     DMZ (ONE MACHINE)    |
>            |     STATIC IP (192.168.0.2)
> |            RED HAT 9             |
>    _____|_________________________
> |  WEB SERVER (APACHE) |
>    |  INTERNAL NETWORK                 |
> |  MAIL SERVER (QMAIL)     |
>    |  (ONE MACHINE - WINDOWS XP) |
> |________________________|
>    |______________________________|
> 
> I've designed this topology, so if there is a mistake in it please
> corret me. The firewall machine has 3 net cards.
> 
> The rules are as follows:
> 
> Outside people can access the WEB, DNS and FTP servers in the
> firewall. Outside people can access the WEB and MAIL server on the
> DMZ.
> 
> Internal network people can access the WEB, DNS, FTP and MAIL in the
> DMZ and in the INTERNET.
> 
> Can someone help me configure IPTABLES to meet this requirement cause
> i am new to iptables.
> 
> Thanks a lot in advance,
> Wagner.
> 


-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.

Attachment: dmz.gif
Description: Binary data

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux