[TriLUG] using a Linux box as a pass-through filter

Jason Tower jason at cerient.net
Mon Dec 20 09:09:16 EST 2004


On Monday 20 December 2004 08:54, Dan Monjar wrote:
> An idea I had late last night while I listened to the wind howl...
> would it be possible to set up a Linux box with two NICs and use
> various firewall rules to filter traffic and ports... the possible
> gotcha is that I don't want either NIC to have an IP address.  I want
> to take traffic in on one port, analyze and drop unwanted packets and
> then push the acceptable traffic out through the other nic.
>
> I want an in-line filter...
>
> I wish everyone on the list a Happy and Safe Holiday season.
> --
> Dan Monjar

You can do this with Linux, but you can do it a lot easier with OpenBSD 
(google for 'openbsd transparent firewall').  I have this exact setup 
running on a client's colo rack; the firewall is literally invisible: 
it has no IP address.  As such, you can't ssh in to manage it, so I run 
it headless and have to ssh to another box, where I log in and use 
minicom to communicate with it via a serial port.  Works great.

jason
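The Linux flavour of the setup described above, as an added example that is not from the thread or from either poster: both NICs are enslaved to a bridge, nothing gets an IP address, and netfilter is told to run bridged frames through the iptables FORWARD chain. The interface names (eth0 upstream, eth1 protected, bridge br0) and the allowed inbound ports (TCP 22 and 80) are assumptions for illustration. With DRY_RUN=1 (the default) the script only prints the commands it would run.

```sh
#!/bin/sh
# Added example (not from the thread): an IP-less, two-NIC inline filter on
# Linux, built as a bridge with netfilter applied to bridged frames.
# Assumed names: eth0 faces upstream, eth1 faces the protected hosts, the
# bridge is br0, and upstream may only open TCP 22 and 80 inbound.
# DRY_RUN=1 (the default) prints the commands instead of running them.
DRY_RUN=${DRY_RUN:-1}
OUT_IF=${OUT_IF:-eth0}            # upstream / untrusted side
IN_IF=${IN_IF:-eth1}              # protected side
BR=${BR:-br0}
ALLOW_TCP=${ALLOW_TCP:-"22 80"}   # inbound TCP services upstream may reach

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

bridge_setup() {
    # Enslave both NICs to a bridge. No interface gets an address, so the
    # box has no layer-3 presence on either segment.
    run ip link add name "$BR" type bridge
    run ip link set "$OUT_IF" master "$BR"
    run ip link set "$IN_IF" master "$BR"
    run ip link set "$OUT_IF" up
    run ip link set "$IN_IF" up
    run ip link set "$BR" up
    # The kernel would still auto-assign an IPv6 link-local address to the
    # bridge device, which would make the box answerable on the wire; stop it.
    run sysctl -w "net.ipv6.conf.$BR.disable_ipv6=1"
    # Make bridged frames traverse the iptables FORWARD chain.
    run modprobe br_netfilter
    run sysctl -w net.bridge.bridge-nf-call-iptables=1
}

filter_rules() {
    # Default deny for everything crossing the bridge. INPUT/OUTPUT do not
    # matter here: with no addresses, nothing terminates on this host.
    run iptables -P FORWARD DROP
    run iptables -F FORWARD
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Protected side may open anything outbound.
    run iptables -A FORWARD -m physdev --physdev-in "$IN_IF" --physdev-out "$OUT_IF" \
        -m conntrack --ctstate NEW -j ACCEPT
    # Upstream may open only the listed TCP services inbound.
    for port in $ALLOW_TCP; do
        run iptables -A FORWARD -m physdev --physdev-in "$OUT_IF" --physdev-out "$IN_IF" \
            -p tcp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
    done
    # Log whatever the default policy is about to drop.
    run iptables -A FORWARD -j LOG --log-prefix "bridge-drop: "
}

main() {
    bridge_setup
    filter_rules
}
main
```

Because the box has no address, management is exactly as Jason describes: a serial console or a local keyboard, not ssh. The physdev match is what lets a single FORWARD chain distinguish direction on a bridge; without br_netfilter (or ebtables for pure layer-2 rules) iptables never sees bridged frames at all.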
