[2218] in linux-net channel archive
Re: firewall setup problems
daemon@ATHENA.MIT.EDU (Robert Lee)
Fri Mar 22 16:08:34 1996
Date: Fri, 22 Mar 1996 14:46:01 +0000
From: leerobert@attmail.com (Robert Lee)
In-Reply-To: your message <9603221853.AA03741@grundoon.pas1.logicon.com.> of Fri Mar 22 10:53:53 -0800 1996
To: chris@topdog.pas1.logicon.com (Chris Albertson),
linux-net@vger.rutgers.edu
Chris,
You are right. In a real setup and even for the correct test setup, there
should be two separate hubs hanging off of the Linux box instead of all host
connected to a single hub. The ascii diagram (took me minutes to make it look
ok :-) ) I posted is a test setup I have on my desk just to test out the Linux
configurations to make sure packets do flow from one NIC to another.
Robert
____________________ Begin Original Message ___________________________
Date: Fri Mar 22 10:53:53 -0800 1996
From: internet!pas1.logicon.com!chris (Chris Albertson)
Subject: Re: firewall setup problems
To: !leerobert
Content-Type: text
Content-Length: 2242
It seems odd to me that you have all three machines on the same physical
LAN. The whole point of a firewall is that there are two networks
connected only by the firewall. If Linux C and B are on the same wire
things or realy odd and youve defeted the purpose of the firewall.
Assume PC-C is in your office and PC-B belongs to a Hacker type in some
other place. How can you assume he will set his default gateway to Linux B?
If you can assume this then why have a firewall?
To setup and test a firewall you neen two hubs or two coax segments.
Without this whats to keep PC-B from changing his config files to anything
he wants and directly accessing PC-C?
--Chris Albertson
chris@topdog.logicon.com Voice: 818-351-0089 X127
Logicon RDA, Pasadena California Fax: 818-351-0699
