Re: [m0n0wall] Bridging Firewall

From:	"Christopher M. Iarocci" <iarocci at eastendsc dot com>
To:	Fred Weston <fred dot weston at daytonawan dot com>
Cc:	brwatters at abs dash internet dot com, m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Bridging Firewall
Date:	Tue, 23 Mar 2004 13:50:41 -0500

Fred Weston wrote:

> Brian R. Watters wrote:
>
>> Hello all,
>>
>> We have a problem that needs to be addressed and need some feedback 
>> from the
>> list how best to handle our issue, We have about 12 Win2k servers 
>> running
>> standard INET services for web hosting and email some named based 
>> some IP
>> based .. Of course all on different subnets ..
>>
>> How best to protect these systems via a firewall? .. Bridging 
>> firewall? ..
>> Standard firewall and if so how? .. Will m0n0wall work in bridge mode ?
>>
>> Any how to's out there for this type of install for a server farm?
>>
>>
>> Brian
>>  
>>
> Brian,
>
>  A bridging firewall would be the easier way to go, and would probably 
> work OK if all of the servers have the same services running on them.  
> If you wanted to lock things down on a machine by machine basis, 
> bridging probably isn't for you.  I know m0n0 can bridge interfaces, 
> but I am not sure if it can apply firewall rules between them.  
> Someone else will need to chime in.
>
> Fred
>
m0n0wall can filter in bridging mode, AND set individual rules on a 
machine by machine basis if you wish.

Chris