• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 363
  • Last Modified:

Public Firewall

We recently implemented Paralells, plesk.  You cannot NAT Plesk containers.  All containers are public IP's.  The class C public IPs sit on the colo's router and then this plugs into my switch using a cat5 cable the colo facility provides.  The servers are plugged into the switch too, all having public IP's.  I can certainly put a firewall in place and change the gateway on the NIC's on the servers and have the outbound traffic pass thourgh the firewall.  The QUESTION is about inbound traffic, how can you have the firewall filter inbound traffic, when it is all public IP broadcast traffic?
0
centuric
Asked:
centuric
1 Solution
 
giltjrCommented:
You would need to implement a firewall that works in bridge mode and not as filtering router.  In bridge mode they are "transparent" at layer 3 so there is no IP routing or NAT'ing avalaible, but you can still filter traffic.

I have not read it in detail, but I did find how to implment a bridging firewall in Linux using netables.

     http://www.spenneberg.com/talks/linux-kongress2002/ralf-spenneberg.bridgewall.pdf

I'm not sure what commercial firewalls will work in bridge mode.  I know PIX (now ASA) from Cisco does and I am sure some of the other big names (like Juniper and Checkpoint) do also.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now