On 21:42 Thu 06 Oct , Mark wrote:
> I'd like to build a gentoo box to act as a single router between a
> hardware firewall (appliance) and two internal separate network segments.
> The goal is to allow both internal segments to access the Internet via the
> same firewall, but not allow them to see each other.
>
> Here's my general idea - please tell me if it makes sense so far.
Your outline looks good. Haven't ever used a hardware firewall, though.

My setup is a firewall/router, external port to dsl modem, two internal, one wired, one wireless. I bridged the two internals into a single subnet. I used: http://www.gentoo.org/doc/en/home-router-howto.xml as my guide, then did some googling on bridging for the rest. Works great!

By the way, I used iptables for the firewall, but there is some terrific documentation for shorewall, which you might find a bit easier.

Bill Roberts
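Bill's bridged setup merges the two internal ports into one subnet, which is the opposite of what Mark asked for. Keeping the segments apart means routing between three interfaces and letting the iptables FORWARD chain decide which interface pairs may talk. The script below is an added example, not code from either poster or from the Gentoo howto; the interface names (eth0 toward the appliance, eth1 and eth2 for the two segments) are assumptions, and it dry-runs by echoing the iptables commands unless IPT is set to the real binary.

```shell
#!/bin/sh
# Added example: FORWARD policy for a three-interface router that lets two
# internal segments reach the firewall appliance but never each other.
# Interface names are assumptions; adjust to the box being built.
EXT=eth0        # link toward the hardware firewall / Internet
SEG_A=eth1      # internal segment A
SEG_B=eth2      # internal segment B

# Dry run by default: run with IPT=iptables (as root) to load the rules.
# The kernel must also forward at all: sysctl -w net.ipv4.ip_forward=1
IPT="${IPT:-echo iptables}"

apply_forward_policy() {
  # Anything not explicitly allowed below is dropped, including new
  # connections arriving from the appliance side toward either segment.
  $IPT -P FORWARD DROP
  $IPT -F FORWARD
  # Replies for connections the router already permitted, either direction.
  $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
  # Each segment may open connections toward the appliance only.
  $IPT -A FORWARD -i "$SEG_A" -o "$EXT" -j ACCEPT
  $IPT -A FORWARD -i "$SEG_B" -o "$EXT" -j ACCEPT
  # Segment-to-segment traffic would hit the DROP policy anyway; logging it
  # first makes a misconfigured host or a probing one visible in syslog.
  $IPT -A FORWARD -i "$SEG_A" -o "$SEG_B" -j LOG --log-prefix "SEG-ISOLATION: "
  $IPT -A FORWARD -i "$SEG_A" -o "$SEG_B" -j DROP
  $IPT -A FORWARD -i "$SEG_B" -o "$SEG_A" -j LOG --log-prefix "SEG-ISOLATION: "
  $IPT -A FORWARD -i "$SEG_B" -o "$SEG_A" -j DROP
}

# Pure-shell model of the same policy for a NEW connection entering on $1
# and leaving on $2: prints ACCEPT or DROP. Lets you check the intent of the
# ruleset without touching a live kernel.
forward_decision() {
  in_if=$1
  out_if=$2
  case "$in_if:$out_if" in
    "$SEG_A:$EXT"|"$SEG_B:$EXT") echo ACCEPT ;;
    *) echo DROP ;;
  esac
}

apply_forward_policy
```

Two things the FORWARD chain alone does not settle: the appliance needs a route back to both internal subnets via this box (or the box must masquerade them on $EXT), and a bridge must not be configured on eth1/eth2, since bridging would bypass routing and re-join the segments at layer 2.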