I have a RedHat 7.2 installation with two cards that I am hooking to my DSL connection. I would appreciate an iptables with NAT example of a reasonably secure setup for this. I will be hosting a web site with mail and will have computers on the back side on a 10.x.x.x network. I was assigned a static IP address by my provider.
eth0 - public side - 216.X.X.X mask 255.255.255.0
eth1 - private side - 10.X.X.X - I assigned this card 10.0.5.1 mask 255.0.0.0
My private side machines are all statically assigned starting at 10.0.0.101 mask 255.0.0.0
I have read the NAT-HowTo & the Packet Filtering HowTo and am familiar with the commands they exposed. However, my experience with Linux is limited. I concluded that the Filtering & NAT seemed to be concerned with just the eth0 side mainly. I am confused about passing my internal traffic through and not leaving myself overly exposed.
I will be opening port 80, Secure WWW, and SSH. I am running a club site for a Dirt Bike Club in my town on this server machine.
The HowTo documents had a lot of information but not too many examples I could understand well enough to get a good base configuration going. I am unfamiliar with the security issues involved in this and so appreciate the help. My only experience in the past has been with a Galantry Free BSD box that was only maintained with their web-based tools. As a result we exposed our mail server and it got hijacked :-(
Thanks VERY much in advance.
Terry
It is impossible to make programs idiot proof. Idiots are too clever.
MCP( Tcp/Ip )
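
An added example, not part of the original post: a default-deny ruleset in `iptables-restore` format for the layout described above (eth0 public, eth1 private, 10.0.0.0/8 behind NAT, SSH and web ports open). The function name `gen_rules`, the public address `203.0.113.10` (a documentation-range placeholder standing in for the elided 216.X.X.X) and port 25 for the mail service are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the two-NIC layout in the post.
WAN=eth0                  # public side (from the post)
LAN=eth1                  # private side (from the post)
LAN_NET=10.0.0.0/8        # 10.x.x.x mask 255.0.0.0 (from the post)
TCP_PORTS="22 25 80 443"  # SSH, SMTP (assumed for "mail"), WWW, Secure WWW

# gen_rules PUBLIC_IP (hypothetical helper): print the ruleset on stdout.
gen_rules() {
    public_ip=$1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $LAN_NET -o $WAN -j SNAT --to-source $public_ip
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $WAN -s $LAN_NET -j DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN -s $LAN_NET -j ACCEPT
EOF
    # Only the listed services accept new connections from the public side.
    for p in $TCP_PORTS; do
        echo "-A INPUT -i $WAN -p tcp --syn --dport $p -m state --state NEW -j ACCEPT"
    done
    # Inside hosts may open connections outward; only replies come back in.
    cat <<EOF
-A FORWARD -i $WAN -s $LAN_NET -j DROP
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN -o $WAN -s $LAN_NET -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: print the ruleset for review, then load it as root with
# iptables-restore. 203.0.113.10 is a placeholder, not the poster's address.
gen_rules "${1:-203.0.113.10}"
```

Forwarding between the two cards also requires `net.ipv4.ip_forward` set to 1. On newer kernels `-m conntrack --ctstate` replaces `-m state --state`.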