x3n0 wrote:
> As I have lodgers in my house that "require" internet access. I
> thought it would be interesting to setup the network in such a way,
> that the lodgers would have their connection routed though an internal
> proxy/firewall.
>
> www>>primaryrouter(192.168.0.xxx>>proxy/firewall>>secondaryrouter(192.168.1.xxx)
> |>>proxy/firewall>>tertiaryrouter(192.168.2.xxx)
>
> I realise that the above is diabolically obscure in terms of concept
> and clarity, but finding a way to portray my idea is proving difficult
> to say the least.
>
> I basically need it to be secure to the point where neither of the
> networks can contact each other, but can (obviously) access the web.
>
> If anyone has *any* ideas about how I could possibly go about building
> such a setup... any suggestions would be most appreciated.
It sounds like you just need to set up a DMZ (Demilitarised Zone) on
your firewall. OOTB firewall distros like IPCop and Smoothwall support
these or you can configure firewalling rules yourself to do this. You
just need a router with three interfaces.
http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%29
HTH,
Tony
