[CentOS] Still Confused about Firewalling

ML mailinglists at MailNewsRSS.com
Mon Oct 19 19:25:40 UTC 2009


Hi All,

Sorry, I am still confused about implementing a firewall without  
having my ISP static route all of my traffic to my public IP's to a  
single public IP.

So before when I have done this for work all traffic has been  
statically routed.

Now I have a comcast modem and it is 'pass through' so traffic for all  
my 13 IP's is allowed and I have to decide what to do.

So I am looking at Vyatta or UnTangle. I have a machine with 3 NIC'e  
in it. I think one would be In, DMZ and last private.

What happens? I have one cable from my comcast gateway to my firewalls  
NIC, but how does it answer for all IP's that I have so i can evaluate  
the request incoming to a rule set and decide if allowed or denied?

I am missing something fundamental!  Can anyone help this click in my  
head? Without statically routing my traffic I dont get it.

Say a request comes to my webserver 172.13.167.xxx on port 80, but my  
firewall's IP for the card is 172.13.167.zzz how does it answer for  
172.13.167.xxx?

-Jason


More information about the CentOS mailing list