Solved

Public Firewall

Posted on 2011-03-05
Last Modified: 2012-05-11
We recently implemented Parallels Plesk. You cannot NAT Plesk containers. All containers are public IPs. The class C public IPs sit on the colo's router, and then this plugs into my switch using a Cat5 cable the colo facility provides. The servers are plugged into the switch too, all having public IPs. I can certainly put a firewall in place and change the gateway on the NICs on the servers and have the outbound traffic pass through the firewall. The QUESTION is about inbound traffic: how can you have the firewall filter inbound traffic when it is all public IP broadcast traffic?
Question by:centuric

Accepted Solution

by: giltjr earned 500 total points
ID: 35044301
You would need to implement a firewall that works in bridge mode and not as a filtering router. In bridge mode they are "transparent" at layer 3, so there is no IP routing or NAT'ing available, but you can still filter traffic.

I have not read it in detail, but I did find how to implement a bridging firewall in Linux using netables.

     http://www.spenneberg.com/talks/linux-kongress2002/ralf-spenneberg.bridgewall.pdf

I'm not sure what commercial firewalls will work in bridge mode.  I know PIX (now ASA) from Cisco does and I am sure some of the other big names (like Juniper and Checkpoint) do also.
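
One way to build the bridge-mode firewall described in the accepted answer on a Linux box, as an added example that is not part of the original thread or the linked talk. It uses iproute2 and the nftables bridge family (my choice of tooling); the interface names, the 203.0.113.0/24 addresses and the allow-list are assumptions.

```sh
# Added example (not from the thread): dry-run generator for a transparent
# (bridge-mode) Linux firewall. Assumed names: eth0 = colo uplink, eth1 = server
# switch; 203.0.113.0/24 (documentation range) stands in for the public class C.
UPLINK=eth0; INSIDE=eth1; BRIDGE=br0
# Constructed sample policy, one "public-ip proto port" per line.
POLICY='203.0.113.10 tcp 80
203.0.113.10 tcp 443
203.0.113.25 tcp 25'

# iproute2 commands joining both NICs into one L2 bridge (the bridge gets no IP).
bridge_cmds() {
  echo "ip link add name $BRIDGE type bridge"
  for p in "$UPLINK" "$INSIDE"; do
    echo "ip link set dev $p master $BRIDGE"
    echo "ip link set dev $p up"
  done
  echo "ip link set dev $BRIDGE up"
}
valid_ip() {  # four dot-separated decimal octets, each 0-255
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1;; esac
  old=$IFS; IFS=.; set -- $1; IFS=$old; [ $# -eq 4 ] || return 1
  for o in "$@"; do [ "$o" -le 255 ] || return 1; done
}

# nftables bridge-family ruleset; a malformed policy line fails the whole build.
ruleset() {
  rules=''; nl='
'
  while read -r ip proto port; do
    [ -n "$ip" ] || continue
    valid_ip "$ip" || return 1
    case $proto in tcp|udp) ;; *) return 1;; esac
    case $port in ''|*[!0-9]*) return 1;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    rules="$rules    iifname \"$UPLINK\" ip daddr $ip $proto dport $port accept$nl"
  done <<EOF
$1
EOF
  printf 'table bridge filter {\n  chain forward {\n'
  printf '    type filter hook forward priority 0; policy drop;\n'
  printf '    ether type arp accept  # hosts and router must still resolve MACs\n'
  printf '    ct state established,related accept  # bridge conntrack: kernel 5.3+\n'
  printf '    iifname "%s" accept  # traffic leaving the servers\n' "$INSIDE"
  printf '%s  }\n}\n' "$rules"
}
# Dry run by default; "apply" as root creates the bridge and loads the rules.
if [ "${1:-}" = apply ]; then bridge_cmds | sh -e && ruleset "$POLICY" | nft -f -
else bridge_cmds; ruleset "$POLICY"; fi
```

Run it with no argument to print the plan. Everything the allow-list does not match, including IPv6 and unsolicited inbound ICMP, falls to the drop policy.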