[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: firewall without nat
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: firewall without nat
- From: Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>
- Date: Tue, 21 Jan 2003 14:53:11 -0500
- Mail-followup-to: Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>, misc_(_at_)_openbsd_(_dot_)_org
- Reply-to: misc_(_at_)_openbsd_(_dot_)_org
Absolutely. NAT is just the poor man's attempt to do it.
There are several books on firewalling. With proxies,
filters and so forth, you can do this just fine.
We presume you have routable addresses on the inside,
you just shape and filter the packets as they go through.
Quoting Bryan Irvine (bryan_(_dot_)_irvine_(_at_)_kingcountyjournal_(_dot_)_com):
> Is it possible to do firewalling without NAT (he asked knowingly).
> How is this done?
> I'm going to be replacing an old linux firewall with an openbsd one
> (preferably) but those machines need to be acessable via the outside
> world (web servers mail servers, etc etc...).
Visit your host, monkey.org