Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!spool.mu.edu!uwm.edu!lll-winken.llnl.gov!enews.sgi.com!decwrl!brighton.openmarket.com!wizard.pn.com!news.zeitgeist.net!news.zoom.com!news.zoom.com!not-for-mail From: hjl@zoom.com (H J Lu) Newsgroups: comp.os.linux.networking,comp.security.firewalls,comp.dcom.isdn,comp.unix.bsd.freebsd.misc,comp.unix.bsd.netbsd.misc Subject: Help: ISDN and firewall Date: 15 Jan 1996 11:46:19 -0800 Organization: Zoom.Com Information Services Inc. Lines: 26 Message-ID: <4deaub$nll@aurora.romoidoy.com> NNTP-Posting-Host: aurora.zoom.com X-Newsreader: TIN [version 1.2 PL2] Xref: euryale.cc.adfa.oz.au comp.os.linux.networking:25964 comp.security.firewalls:998 comp.dcom.isdn:25928 comp.unix.bsd.freebsd.misc:12569 comp.unix.bsd.netbsd.misc:1977 Hi, I am put in charge to design/implement a firewall for our class C network with an ISDN connection to internet. Our goal is to control the access from the outside and yet provide the maximum transparency. 1. From our class C network, all outgoing connections can be allowed/denied bases on the IP addresses/ports. 2. From outside, all incoming connections should go through the firewall and we can control the access. If necessary, we can allow any incoming connections based on the IP addresses/ports. 3. We plan to run a few Internet servers on the firewall machine which are accessible from the outside. 4. To access our Class C network from the outside, we should be able to login on the firewall machine and go from there. From what we need, I am not sure proxy services will be sufficient for us. Since the traffic between our network and the outside won't be very heavy, I am thinking to implement the router/firewall machine on a Unix machine with an ISDN interface using a router with a packet filter. I was wondering what free/commercial packet filtering routers available for Unix, especially for Linux. Will screend work in this case? Thanks a lot. H.J.