[Firewall] Question

Morten canislupusfamiliaris at gmail.com
Thu Oct 16 00:01:44 CEST 2014


Hi again.

Is it possible to set a speed limit to internet at traffic that comes from
one of the NICs, or do I have to use something else then Arno to do that?

Regards,
Morten
On 14 Oct 2014 10:23, "Morten" <canislupusfamiliaris at gmail.com> wrote:

> Thank you very much!:-)
> On 14 Oct 2014 07:50, "Arno van Amersfoort" <
> arnova at rocky.eld.leidenuniv.nl> wrote:
>
>> This is a fairly simple setup. Just put all of your internal interfaces
>> in INT_IF. INT_IF interfaces are shielded from each other by default. Put
>> your external interface in EXT_IF (and configure EXT_IF_DHCP_IP etc.). You
>> probably also want to enable NAT, enable NAT=1 for this. That's it.
>>
>> a.
>>
>> On 13-Oct-14 20:48, Gene Cooper wrote:
>>
>>> Hi Morten,
>>>
>>> You mean ETH1, right?
>>>
>>> In previous situations, I have added simple firewall rules to block
>>> 10.0.0.0/8 from 10.0.0.0/8.  You might need to specify source or
>>> destination interfaces, or whatever to make the rules more granular if
>>> you need to, but that will mean you need more rules.
>>>
>>> Also, drop 192.168.0.0/24 from 10.0.0.0/8 plus 10.0.0.0/8 from
>>> 192.168.0.0/24.
>>>
>>> There's probably a better way and I'm no firewall expert, but it's
>>> simple and works.  If there is a better way, I'd like to know too.  ;-)
>>>
>>> Thanks,
>>>
>>> G
>>>
>>> On 10/13/2014 08:05 AM, Morten wrote:
>>>
>>>> Hi!
>>>>
>>>> I have six nics in a server that I will use as a firewall/router.
>>>> They are setup like this:
>>>>
>>>> eth0: 192.168.1.0/24 <http://192.168.1.0/24>
>>>> eth1: dhcp (external / internet)
>>>> eth2: 10.0.0.0/24 <http://10.0.0.0/24>
>>>> eth3: 10.0.1.0/24 <http://10.0.1.0/24>
>>>> eth4: 10.0.2.0/24 <http://10.0.2.0/24>
>>>> eth5: 10.0.3.0/24 <http://10.0.3.0/24>
>>>> eth6: 10.0.4.0/24 <http://10.0.4.0/24>
>>>>
>>>> I don't want any of the internal networks to be able to reach each
>>>> other, but they should be able to connect to internet through eth2.
>>>>
>>>> How should i setup the configuration file correct?
>>>>
>>>> Regards,
>>>> Morten
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Firewall mailing list
>>>> Firewall at rocky.eld.leidenuniv.nl
>>>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>>>> Arno's (Linux IPTABLES Firewall) Homepage:
>>>> http://rocky.eld.leidenuniv.nl
>>>>
>>>>
>>>  _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20141016/ec03f1e8/attachment.html>


More information about the Firewall mailing list