[ previous ] [ next ] [ threads ]
 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  Fred Weston <fred dot weston at daytonawan dot com>
 Cc:  brwatters at abs dash internet dot com, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Bridging Firewall
 Date:  Tue, 23 Mar 2004 13:50:41 -0500
Fred Weston wrote:

> Brian R. Watters wrote:
>> Hello all,
>> We have a problem that needs to be addressed and need some feedback 
>> from the
>> list how best to handle our issue, We have about 12 Win2k servers 
>> running
>> standard INET services for web hosting and email some named based 
>> some IP
>> based .. Of course all on different subnets ..
>> How best to protect these systems via a firewall? .. Bridging 
>> firewall? ..
>> Standard firewall and if so how? .. Will m0n0wall work in bridge mode ?
>> Any how to's out there for this type of install for a server farm?
>> Brian
> Brian,
>  A bridging firewall would be the easier way to go, and would probably 
> work OK if all of the servers have the same services running on them.  
> If you wanted to lock things down on a machine by machine basis, 
> bridging probably isn't for you.  I know m0n0 can bridge interfaces, 
> but I am not sure if it can apply firewall rules between them.  
> Someone else will need to chime in.
> Fred
m0n0wall can filter in bridging mode, AND set individual rules on a 
machine by machine basis if you wish.