A long time ago, in a galaxy far, far way, someone said... > Having made the move to potato and 2.2.13, my server is now a source of joy. > One small question...to get things to start I've been adding then to > /etc/init.d/network along the lines of... > > echo "1" > /proc/sys/net/ipv4/ip_forward
Move this to the end. As it is now, there is a small window between forwarding being enabled and people getting what they're not supposed to. > ipchains -P forward DENY > ipchains -A forward -s 10.0.0.0/255.255.255.0 -j MASQ > ifconfig eth1 10.0.0.25 netmask 255.255.255.9 broadcast 10.0.0.255 > route add -net 10.0.0.0 dev eth1 This isn't needed with a 2.2 kernel - it's done automatically when 'ifconfig' is run. > fetchmail -d 300 > > Is there a better way to start a second NIC, IP masquarading and fetchmail. I've hacked up a set of shell scripts that make setting up additional NICs easy (I think so, at least). Let me know if you want it - total size of the tarball would be less than 1k. > Does this look like a secure setup? For the most part - as part of IP masq, you also have firewalling in the kernel. I suggest you make use of it. -- ---------------------------------------------------------------------- Phil Brutsche [EMAIL PROTECTED] "There are two things that are infinite; Human stupidity and the universe. And I'm not sure about the universe." - Albert Einstein
