any sifu got experience in setting up a MNF? Actually i wanted to make one machine as MNF and all pc will go thru it b4 going thru the Internet ( as a normal configuration for a firewall ). So, do i need to place it under the DMZ zone and put two NIC with two diff ip or i dont need to place it under the DMZ zone? Please help....

if u use 2 NIC..the first NIC will go to streamyx modem... the 2nd NIC will go to any switch or "router dat u off the dhcp" means router in bridge mode...then u set dhcp server on ur mandrake..n the firewall..so from streamyx modem to ur first nic..there is no firewall..coz ur mandrake is the firewall itself...

i'm not sure on mandrake firewall...but linux..i think i will be the same..

hmmmm.... 2 nic eh? so that means that the mnf server will be under the DMZ zone?

wah by doing that i think u'll make the Linux as a gateway server la!

There is no need to setup a separate DMZ if you are just using it as a firewall. DMZ is used when/if you want to run a zone with mailserver and webserver and yet want to isolate it from your internal network.

I been runnig 3 MNF since it was first release and it is a stable firewall. Once thing you may want to do is to update all the packages and replace the kernel with 2.4.19, as oppose to the default 2.4.18 downloaded.

oooo... thank you thank you mandrake sifu. so in short
- i just need to nic, one nic points to the modem and the other points to the network (switch)
-oh yeah, how i configure the other users / clients to use the MNF? use the MNF ip address in the ipconfig (under gateway) or use the MNF server ip address in the internet explorer proxy server?

Thanks anyways....

i think it would be ipconfig..which now ur mnf server is a dhcp server..if not mistaken..coz now ur mnf will act as router..as far as i know..ask the expert ...i'm nva use mnf b4..hahaha..

Basically, you need two nic, 1 connect to modem and the other connect to your lan. Do not enter ip address for the nic that connect to the modem.

You will need to setup ip Masquerade on your MNF, point the rest of your lan to MNF? IP as the gateway. Mandrake by defualt turn off proxy server. However, you may enable squid to make it into proxy, in which case you would need to point proxy to the MNF ip as well.

One more thing is you may want to setup a caching DNS server on MNF, it has a web interface which all you have to do is turn it on.

thanks for sharing the info.

But can i also do this?

The MNF box first nic points (eth0) to the LAN (no gateway specified on the MNF box, but the LAN will use the eth0 ip as the gateway). eth1 will point to the modem ( has ip, gateway but running diff subnet mask ). Then in the Masquerade, eth0 will go through eth1.

Is this also correct?

Thanks for reading!