[KLUG Members] More questions about Firewall

Scott Van Singel members@kalamazoolinux.org
Fri, 11 Jan 2002 09:23:38 -0500


Gang, 

 I was going over your web page and noticed some presentations on Netfilter and Squid (Thanks for taking the time to create these presentations). 
So I have some basic questions. 

1. Can I put my Email server behind the Linux server running Netfilter?
	A. I assign the Email server an IP of 10.1.1.26
	B. I have a Public IP assigned to it of 208.X.X.60. So I would like the Linux server to answer to three public IPs
Then be able to route the packets to the servers that they need to go to. 
But can this be done and have the Email server run like it had a hot connection?

2. Can I close all ports inside except for the servers that I want to have access? Example: I have an Esafe Gateway that uses FTP to get daily updates. It is currently behind our Linux server running Squid. The Esafe cannot get the updates because it will not allow FTP to work. So, if I can configure Netfilter to allow the Esafe to FTP out, then that will help a lot. 

3. I need a way to protect some of my servers. They have a hot connection to the Internet and I think some of the kids are trying to hack into them. 

4. If I understand this correctly, I can use Netfilter for NAT and translation with some rules and put Squid up for DNS and Web caching?

5. Also, with the way our Squid is configured we cannot ping from our workstations. I would like to be able to do that. 
I need to use Ping for some testing. Is this possible with Netfilter?

Thanks

Scott






Scott Van Singel
IT Director
Sturgis Public Schools
Phone: 616-659-1512
Email: svansingel@sturgis.k12.mi.us