[TriLUG] Drop and insert transparent firewall (OpenBSD)

Jason Tower jason at cerient.net
Sun May 2 00:37:14 EDT 2004


the other neat thing about this setup is that it can be *very* 
minimalistic.  the box that jon referenced is using a 1gb disk with 70% 
free space, 32mb ram w/ 20mb free and 6 running processes.

management is also different from most linux setups.  since it has no IP 
addresses on either interface, you can't ssh to it.  instead, you ssh 
to another host and run minicom which communicates with the firewall 
via a serial port.  this particular hardware has the ability to direct 
the bios display to a serial port, so you can actually see the bootup 
info and even change bios options remotely.  pretty slick :-)

props to aaron joyner who helped with the setup and configuration of 
this particular device.

jason

On Saturday 01 May 2004 19:35, Jon Carnes wrote:
> Jason Tower showed me a neat trick the other day - using OpenBSD to
> insert a Firewall/packet filter transparently into an existing
> network.
>
> The firewall uses no ip addresses and sits between the router and the
> companies external switch.  The external switch has various boxen
> attached - each of which uses an external IP address. All the
> external IP addresses are in use, so the firewall/packet filter had
> to be inserted without using any additional IP's.
>
> This does the trick rather nicely:
> http://www.openbsd.org/faq/faq6.html#Bridge
>
> Enjoy!
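
A minimal sketch of the addressless bridge described in this thread, added here as an illustration and not taken from either poster's firewall. It uses current OpenBSD file conventions; the interface names em0/em1 and the permitted services are assumptions.

```conf
# --- /etc/hostname.em0 (assumed: NIC cabled to the router) ---
# No inet line: the interface is brought up without an IP address.
up

# --- /etc/hostname.em1 (assumed: NIC cabled to the external switch) ---
up

# --- /etc/hostname.bridge0 ---
# Join both NICs into one layer-2 bridge. blocknonip limits each member
# to IPv4, IPv6, ARP and RARP frames, so other protocols are not forwarded.
add em0
add em1
blocknonip em0
blocknonip em1
up

# --- /etc/pf.conf ---
ext_if = "em0"   # assumed: router side
int_if = "em1"   # assumed: switch side

# A bridged packet crosses both members (in on one, out on the other).
# Filter it once, on ext_if, and skip pf entirely on int_if.
set skip on $int_if

# Default deny, with logging so dropped traffic shows up on pflog0.
block log all

# Hosts behind the bridge may initiate connections toward the router.
pass out on $ext_if

# Inbound: only the published services (assumed ports; adjust per host).
pass in on $ext_if inet proto tcp to port { 25 80 443 }
pass in on $ext_if inet proto icmp icmp-type { echoreq unreach }
```

After loading, `ifconfig bridge0` should list both members and `ifconfig em0` should show no inet address; `pfctl -sr` prints the active ruleset.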


