See basically the firewall will not process much of your traffic, which simply forwards the packets. So the currnet configuration for firewalling is sufficient for iptables.Hello Friends, I have recently setup an iptables based firewall and put a Sendmail server behind firewall (although after facing some problems and with help from friends in this mailling list). Now I want to put a proxy server behind this same firewall. Right now the proxy server is connected directly to the internet. Before moving ahead I want to know what will be the load on the firewall. The configuration of firewall box is P4, ~1.8GHz, 256MB RAM, Mandrake Linux 9.1, IPTables 1.2.7 and Shorewall 1.3.14. I will be having aroung 300-400 concurrent users. I plan to setup NATting. Can anybody help me in this regard. Whether NATting will be sufficient to take care about this load or some other method can be used ( Total load on firewall will be some 1000 email accounts on sendmail server and around 400 clients for web browsing). If anybody can direct me to some websites having some sort of statistics for iptables. Thanks a lot, Pradeep Bhomia
And you have to use natting if you are placing the proxy server before the firewall.
-- Regards Dharmendra.T dharmu@xxxxxxxxxxx Linux Security and Admin |
