Firewalling/bandwidth managing multiple public IP's

[Byteripper]

Hi guys,

After hours of reading and searching, I can't seem to find a solution for a problem I'm having.

I have multiple public IP addresses through my ISP, and would like to use these adresses on the clients in my network. Currently my network is configured like this:

Code:

                  +------------+             +------+         PC1 (IP: xxx.99.236.82, gateway xxx.99.236.81)
Internet  <-----> |ADSL Gateway|    <---->   |Switch|  --->   PC2 (IP: xxx.99.236.83, gateway xxx.99.236.81)
                  +------------+             +------+         PC3 (IP: xxx.99.236.84, gateway xxx.99.236.81)
                 IP: xxx.99.236.81
                 with DHCP server

The bad thing we see here is:
1) There is no firewall
2) We can't use bandwidth control

So, I would like to have this setup (also for wireless):

Code:

                  +------------+              +----+             +---------------+         PC1 (IP: xxx.99.236.83)
Internet  <-----> |ADSL Gateway|    <----> WAN|Asus|LAN<--->     |Switch+wireless|  --->   PC2 (IP: xxx.99.236.84)
                  +------------+              +----+             +---------------+         PC3 (IP: xxx.99.236.85)
                 IP: xxx.99.236.81           Firewalling
                 with DHCP server            Bandwidth mgmt
                                             IP: xxx.99.236.82

How can I do this on the Asus? I already installed the hacked firmware, and have several interfaces (eth0, eth1, br0). There are also two vlan's: vlan0 and vlan1. Shouldn't there be three interfaces? (WAN, LAN-hub (bridged) and wireless?) I think it's the best to make a firewalling bridge between WAN on one side, and the LAN and wireless on the other side. How do I do this? And is it also possible to use bandwidth management between WAN <--> LAN and wirelsss when I have a bridge?

I really don't wan't to use NAT, but do want to take advantage of the advanced functions of the WL550gE.

Thanks in advance,

Byteripper.

[Styno]

I'm not into Linux firewalling, but I'm sure there are scripts available on the internet which can be used to build firewall rules. You can paste these rules into the post-firewall script (you need a custom firmware from Oleg for this to function).

Bandwith management can be achieved by using Wondershaper, also available in the custom firmwares from Oleg.

[Byteripper]

I'm not into Linux firewalling, but I'm sure there are scripts available on the internet which can be used to build firewall rules. You can paste these rules into the post-firewall script (you need a custom firmware from Oleg for this to function).

Bandwith management can be achieved by using Wondershaper, also available in the custom firmwares from Oleg.

Hi Styno, thanks for your response.

I know I can use linux firewall scripts and the wondershaper script to do the firewalling and traffic shaping. Only thing I need to know is how to set up the routing in my network, because I won't use NAT. Should I use multiple subnets? Or ARP-proxying? Or maybe make a firewalling bridge or something? Also I don't know which one of these options are available in Oleg's firmware and how I can enable them.

[Styno]

Beats me

Sorry.