On Wed, Nov 05, 2003 at 09:52:42AM +0100, Andreas Bohnert wrote: > Hi, > I don't know how to setup my firewall for my new xdsl connection. I > saw some posting concerning adsl, so maybe there are some > people, who know how to handle this.
I'm not sure what you're talking about, with xdsl and lokal, but I'd recommend the shorewall firewall. It takes a bit of configuration, but pretty minimal, and straightforward if you follow the docs and examples. I've used it for a dsl connection with pppoe on interface eth0, internal network on eth1. The woody/stable package is not exactly current, but very workable and the docs and examples are available for it. I'm sure unstable is at the latest version, so might be preferable especially if you feel the need to request help (most questions on the shorewall list are answered by the developer, often to implore folks to read and follow the docs). Maybe this is off the mark for your situation, I don't know. Good luck! Ken > > here is my situation: > > eth0 is connect to my private network (192.168.0.1). > my eth1 gets an lokal ip from my xdsl router (subnet 10.x.x.x). > than I have to build up a tunnel connection with my router with pptp. > now I have ppp0, which is my xdsl interface. > > this works fine, but now I have to setup my firewall! > > I know ppp0 is my external interface now, but what about eth1 (which > is connect to my router)? > I looked around and some people say, they setup the firewall like this: > eth0 (private) = FW_DEV_INT > eth1 (connect to router) = FW_DEV_INT !! > ppp0 (xdsl) = FW_DEV_EXT > > but somehow I think, eth1 should be FW_DEV_EXT as well, because it's > phyiscally connected to the internet. > also, what about the firewall between ppp0 and eth1 - it shouldn't > block communication. > > so, what do you think, if I configure eth1 as external? > > thanks for any advice! > > andreas > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- Ken Irving, Research Analyst, [EMAIL PROTECTED], 907-474-6152 Water and Environmental Research Center Institute of Northern Engineering University of Alaska, Fairbanks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
