Is This DSL configuration possible ???

I want to test some server systems and firewall combinations on my
LAN I can't see how to simulate access from the public internet.

I've got a DSL/pppoe connection to a Linksys router/firewall (soon to
be replaced with an IPcop box). I'd love to put a small hub between
the linksys box and the DSL modem then plug a test client into the
hub. I know this won't work.

Can this be done with a linux-based firewall, even if it requires a
third ethernet card ?







--
Al Dykes
-----------
adykes@panix.com

On 28 Dec 2003 08:46:56 -0500, Al Dykes <adykes@panix.com> wrote:
>
> I want to test some server systems and firewall combinations on my
> LAN I can't see how to simulate access from the public internet.
>
> I've got a DSL/pppoe connection to a Linksys router/firewall (soon to
> be replaced with an IPcop box). I'd love to put a small hub between
> the linksys box and the DSL modem then plug a test client into the
> hub. I know this won't work.
>
> Can this be done with a linux-based firewall, even if it requires a
> third ethernet card ?

What would a third ethernet do (unless you will have public static IPs on
DMZ)? You could simply use 2 nics to insert test firewall between Linksys
and hub with the LAN side a different network. You would just be
temporarily firewalling the nic that faces the Linksys, and when ready to
go live (direct to modem), would need to switch the firewall to ppp0
(which can be refreshed automatically from a script in /etc/ppp/ip-up).

This would allow you to test port scanning from a PC on the Linksys
without being wide open to the internet.

--
David Efflandt - All spam ignored http://www.de-srv.com/

In article <slrnbutvav.5ts.efflandt@typhoon.xnet.com>,
David Efflandt <efflandt@xnet.com> wrote:
>On 28 Dec 2003 08:46:56 -0500, Al Dykes <adykes@panix.com> wrote:
>>
>> I want to test some server systems and firewall combinations on my
>> LAN I can't see how to simulate access from the public internet.
>>
>> I've got a DSL/pppoe connection to a Linksys router/firewall (soon to
>> be replaced with an IPcop box). I'd love to put a small hub between
>> the linksys box and the DSL modem then plug a test client into the
>> hub. I know this won't work.
>>
>> Can this be done with a linux-based firewall, even if it requires a
>> third ethernet card ?
>
>What would a third ethernet do (unless you will have public static IPs on
>DMZ)? You could simply use 2 nics to insert test firewall between Linksys
>and hub with the LAN side a different network. You would just be
>temporarily firewalling the nic that faces the Linksys, and when ready to
>go live (direct to modem), would need to switch the firewall to ppp0
>(which can be refreshed automatically from a script in /etc/ppp/ip-up).
>
>This would allow you to test port scanning from a PC on the Linksys
>without being wide open to the internet.
>

A fair suggestion, but.....

I really want to test the production firewall sometimes, while I'm on
customer's site, and they don't know why they need a second firewall
box on hand. It's more than port scanning. I can do that kind of
thing from the shell account on my ISP's system. Having two firewalls
means that I have to manually keep them set up identically, and that's
real hard to do, over time.


>--
>David Efflandt - All spam ignored http://www.de-srv.com/


--
Al Dykes
-----------
adykes@panix.com