[plug] Routing
Jonathon Bates
batesy at batesy.net
Tue Jun 18 20:13:12 WST 2002
> > Say I have a box acting as a gateway. In that gateway (well within the
> > gateways network) I have a block of live IP's that all need access to the
> > world (easy)
> Live IP == world reachable (non-private) IP eg not 192.168.x.x or
> 10.x.x.x , block assigned by ISP?
No live IP's and so forth. So behinf the gateway there will be a block of
real IP's.
> Just asking to be sure, because if you're using IP Masquerade and
> private IP ranges, its an entirely different kettle of fish.
:)
> > How do I go about allowing traffic to flow freely in and out?
> Its rather more "how do I limit what trafffic is passed freely in and
> out" normally ; your ISP should be routing all traffic to your assigned
> IP block to your
> gateway, which by default ( or as per /proc/sys/net/ipv4/ip_forward )
> will route the packets to the appropriate host on the LAN.
As much as what I though! :)
> > Is it simply a firewall issue or something else?
> Well, you'll definitely want to set up a firewall on the gateway to
> police traffic and limit what can and can't pass; for normal users with
> private IP blocks who use IP masq its less of an issue since internal
> hosts can't be directly attacked (having non-routeable addresses) -
> you'll have to be extra careful.
Definately!
It will be done, there are Sparcs and OSX boxes beind this network..
Cheers
batesy
More information about the plug
mailing list