Is Netfilter a suitable solution to use as a reverse proxy? I want to employ a bouncer for an IIS server that I have... I've chosen Linux for the job. I can easily turn the Linux server into a router, and route the traffic to the server, but this doesn't sound secure. I can do some DNAT translation to redirect specific port traffic, but that doesn't sound much better. I'm just redirecting dangerous traffic to the box I'm protecting. I could just build the box, sit back and think I've done a great job. Maybe nobody will attack my box, but that doesn't mean it's secure? I would like somebody to point out the security benefits I could employ to truly protect my lowly IIS server. I would like to redirect 80, 443 and couple of other ports. I known it's quite broad but you don't have to be specific, but if you feel in a good mood you could always post the rc.firewall-2.4 file for me. =!) Wayne "If it wasn't for us newbie's, you wouldn't have that self confident air of superiority, stupid guys rule"
