On Mon, Jun 17, 2002 at 11:31:16AM -0500, Duncan Shannon wrote:
>Hey gang-
>
>I've got a network card, and one IP on it using gShield as my firewall.

So your firewall has only one network card in it?

>
>I've got a dozen (could be a hundred or two in the future) other IP's
>that I want to be routable (they are all public ip's).
>
>I want to continue to use gShield.
>
>A friend once mentioned putting all the other IP's on the loopback IF.
>This made all the other IP's world routable, and all the firewalling was
>done on the eth0.
>Does any of this make sense? If not, what is the best way to get lots of
>IP's on a single NIC, with easy firewalling?

2 choices.

1.) IP Aliases and some clever iptables rules.
2.) http://bridge.sourceforge.net/ (linux bridge stuff)
    http://openlysecure.org/openbsd/how-to/invisible_firewall.html (OpenBSD filtering bridge)

>
>duncan

-- 
Ben Lutgens           | http://people.sistina.com/~blutgens/
System Administrator  | http://www.sistina.com/
Sistina Software Inc. |
"I got a wife and kids too but you don't see me out here stealing Imperial
Droids now do ya?"
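
A sketch of the first choice in the reply above (IP aliases plus iptables rules), as an added example that is not part of the original thread and is not gShield's own configuration. The addresses (RFC 5737 documentation range), the per-host port lists, the /32 prefix and the function names are assumptions; the script only prints the commands so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for "IP aliases + iptables".
IFACE="eth0"   # assumption: the single NIC from the post

# Constructed sample: one "<address> <comma-separated TCP ports>" per line,
# "-" meaning the address is aliased but exposes no service.
sample_hosts() {
cat <<'EOF'
192.0.2.10 80,443
192.0.2.11 25
# comment lines and blank lines are ignored
192.0.2.12 -
EOF
}

# Reads host lines on stdin, writes ip/iptables commands on stdout.
gen_rules() {
    n=0
    # Replies to connections that were already accepted.
    echo "iptables -A INPUT -i $IFACE -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    while read -r addr ports; do
        case "$addr" in ''|'#'*) continue ;; esac
        # Only dotted-quad shaped input may reach a generated command line.
        if ! printf '%s\n' "$addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "skipping invalid address: $addr" >&2
            continue
        fi
        n=$((n + 1))
        # /32 is an assumption; use the subnet's real prefix if it differs.
        echo "ip addr add $addr/32 dev $IFACE label $IFACE:$n"
        if [ "$ports" != "-" ] && printf '%s\n' "$ports" | grep -Eq '^[0-9]+(,[0-9]+)*$'; then
            echo "iptables -A INPUT -i $IFACE -d $addr -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT"
        fi
        # Default-deny per alias: anything not accepted above is dropped.
        echo "iptables -A INPUT -i $IFACE -d $addr -j DROP"
    done
}

sample_hosts | gen_rules
```

Because every alias ends in its own DROP rule, an address added to the list with no ports is reachable for nothing until a port is listed for it.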