On Thu, Nov 02, 2000 at 10:36 +0100, Bauer, Juergen wrote:
i want to do that, because they've got only 8 public ip-addresse (so 6 actually)
Why is the word "T-IC" immediately bubbling up? :> Well, it doesn't have a "Linux" in its name, but you might want to visit http://www.obfuscation.org/ipf/ and read the ipfilter howto. Even if you won't employ ipf it will be very helpful in understanding packet filters and how to create your rulesets. BTW when reading this document you will notice where ipchains is lacking and why you will want to use iptables(sp?) at the very least (i.e. kernel 2.4 plus what it takes to run it). And if you decide to use, say, OpenBSD -- it has ipf in its base. This way you could set up a bridge with it, don't need any IP numbers for the machine and still have the packets filtered. Just imagine that you get a "wire" which looks and behaves like a normal copper line, but turns out to be quite selective about which traffic to let through. :) And while you're at this (improving your software environment), leave bind and sendmail and Co aside and use djbdns, qmail or postfix, et al. You definitely *will* get attacked at least once a day. It's always better to be safe than sorry ... PS: This is *not* Linux bashing. It's just pointing out where other systems fit better for a particular purpose. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.