[TriLUG] using a Linux box as a pass-through filter
jason at cerient.net
Mon Dec 20 09:09:16 EST 2004
On Monday 20 December 2004 08:54, Dan Monjar wrote:
> An idea I had late last night while I listened to the wind howl...
> would it be possible to set up a Linux box with two NICs and use
> various firewall rules to filter traffic and ports... the possible
> gotcha is that I don't want either NIC to have an IP address. I want
> to take traffic in on one port, analyze and drop unwanted packets and
> then push the acceptable traffic out through the other NIC.
> I want an in-line filter...
> I wish everyone on the list a Happy and Safe Holiday season.
> Dan Monjar
You can do this with Linux, but you can do it a lot easier with OpenBSD
(google for 'openbsd transparent firewall'). I have this exact setup
running on a client's colo rack; the firewall is literally invisible -
it has no IP address. As such, you can't ssh in to manage it, so I run
it headless and have to ssh to another box, where I log in and use
minicom to communicate with it via a serial port. Works great.
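The transparent setup the reply describes, written out as an added example (not configuration from the original thread): an OpenBSD bridge of two address-less interfaces, pf filtering once on the outside member, and the serial console that stands in for remote management. The interface names em0/em1, the inside network 192.0.2.0/24, the server address and the open ports are constructed assumptions.

```conf
# /etc/hostname.em0  -- outside-facing bridge member, no address assigned
up

# /etc/hostname.em1  -- inside-facing bridge member, no address assigned
up

# /etc/hostname.bridge0 -- join the two members; the box forwards at layer 2
add em0
add em1
up

# /etc/boot.conf -- put the console on the serial port, since there is no
# IP address to ssh to; a second box with minicom attaches here
set tty com0

# /etc/pf.conf -- filter on the bridge members (all names below are assumed)
ext_if  = "em0"
int_if  = "em1"
int_net = "192.0.2.0/24"
web_srv = "192.0.2.10"
web_ports = "{ 80 443 }"

set skip on lo0

# Every packet crosses both members; filter once, on the outside one,
# and let the inside member pass unconditionally.
pass quick on $int_if

# Default deny on the outside member, logged to pflog0 so blocked traffic
# can be reviewed from the serial console with tcpdump -i pflog0.
block log on $ext_if

# Inbound: only new TCP connections to the published web ports.
pass in on $ext_if proto tcp from any to $web_srv port $web_ports \
    flags S/SA keep state

# Outbound: inside hosts may initiate; replies return through the state
# entry, so no separate inbound rule for reply traffic is needed.
pass out on $ext_if proto { tcp udp icmp } from $int_net to any keep state
```

Because the filter is stateful, both directions of a flow must cross the same member interface, which a two-port bridge guarantees; a third bridge port would need its own rules.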