I am planning to set up a Linux box as a router and firewall with two NICs. My ISP has given the following IP segments:
1. 184.108.40.206/30 (in this, 220.127.116.11 has been configured on the subscriber unit by the ISP)
2. The ISP has asked us to use 18.104.22.168/30 for the router
3. They have given the LAN public IP segment 22.214.171.124/29 (our usable IPs are 126.96.36.199 to 188.8.131.52)
Now my requirement is to make one Linux box the router and firewall, using the router IP 184.108.40.206 for the eth1 interface and 192.168.1.245 for the eth0 interface. The same firewall system will function as a transparent proxy server for the LAN users.
One Linux machine, say box-1, works as a DNS, Samba, Apache, MySQL and FTP server (this will have a private IP), but DNAT will be done in the router for this server.
Similarly, SNAT for a few IPs is done in the firewall.
I think one possible method, which I know, is to make use of only one public IP, 220.127.116.11, configure it as the router and firewall, and make SNAT and DNAT rules for a few private IPs running the mail server, FTP server and Apache server. In this case I will not be able to use the other public LAN IPs assigned to us, that is 18.104.22.168/29. That is okay; I do not mind not making use of the public LAN IPs 22.214.171.124/29, but I would like to know whether this is a suggested method. If not, please suggest a better method.
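
The single-public-IP method described above, sketched as an added example that is not part of the original post: a script that prints an `iptables-restore` ruleset with DNAT to box-1, SNAT for a few hosts, and a transparent-proxy redirect. All addresses, the published service ports, the proxy port 3128 and the SSH admin port are constructed placeholders and assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the one-public-IP layout.
# Constructed placeholders (assumptions, not values from the post):
WAN_IF=eth1; LAN_IF=eth0            # interface roles as described in the post
WAN_IP=203.0.113.2                  # stands in for the router's public address
LAN_NET=192.168.1.0/24              # assumed LAN behind 192.168.1.245
BOX1=192.168.1.10                   # assumed private address of box-1
SNAT_HOSTS="192.168.1.10 192.168.1.20 192.168.1.21"  # the "few IPs" given SNAT
PUB_TCP="21 25 53 80"               # FTP, mail, DNS, HTTP published from box-1
PROXY_PORT=3128                     # assumed transparent proxy listener

gen_rules() {
    printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' ':INPUT ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' ':POSTROUTING ACCEPT [0:0]'
    # Inbound: forward only the published services to box-1 (Samba and MySQL stay LAN-only).
    for p in $PUB_TCP; do
        echo "-A PREROUTING -i $WAN_IF -d $WAN_IP -p tcp --dport $p -j DNAT --to-destination $BOX1:$p"
    done
    echo "-A PREROUTING -i $WAN_IF -d $WAN_IP -p udp --dport 53 -j DNAT --to-destination $BOX1:53"
    # Transparent proxy: LAN web traffic leaving the LAN is redirected to the local proxy.
    echo "-A PREROUTING -i $LAN_IF -s $LAN_NET ! -d $LAN_NET -p tcp --dport 80 -j REDIRECT --to-ports $PROXY_PORT"
    # Outbound: only the listed hosts are translated to the public address.
    for h in $SNAT_HOSTS; do
        echo "-A POSTROUTING -o $WAN_IF -s $h -j SNAT --to-source $WAN_IP"
    done
    printf '%s\n' 'COMMIT' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # LAN may reach the proxy and SSH (port 22 is an assumed admin path) on the router.
    echo "-A INPUT -i $LAN_IF -s $LAN_NET -p tcp -m multiport --dports 22,$PROXY_PORT -j ACCEPT"
    for h in $SNAT_HOSTS; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $h -j ACCEPT"
    done
    # From the WAN, forward only connections that matched a DNAT rule above.
    echo "-A FORWARD -i $WAN_IF -o $LAN_IF -d $BOX1 -m conntrack --ctstate DNAT -j ACCEPT"
    echo 'COMMIT'
}

gen_rules   # review the output, then check syntax with: iptables-restore --test
```

Forwarding between the two NICs also requires `net.ipv4.ip_forward=1`. FTP data connections through NAT additionally need the kernel's FTP connection-tracking and NAT helpers (`nf_conntrack_ftp`, `nf_nat_ftp`).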