Re: Router/Firewall Recommendation
From: Mike Burger (mburger_at_bubbanfriends.org)
Date: 06/22/04
- Previous message: Oscar Hernández Hernández: "Mysql RHAS 3"
- In reply to: Jason Dixon: "Re: Router/Firewall Recommendation"
- Next in thread: Jeff: "Re: Router/Firewall Recommendation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 22 Jun 2004 06:19:35 -0500 (EST) To: General Red Hat Linux discussion list <redhat-list@redhat.com>
On Mon, 21 Jun 2004, Jason Dixon wrote:
> On Jun 21, 2004, at 10:51 PM, Alejandro Calbazana wrote:
>
> > I was looking for some recommendations on using a standalone RH
> > machine as a
> > firewall. Right now, I have an older Linksys router which I use as a
> > standalone router for my broadband connection. I was considering
> > placing a
> > firewall behind my router. Other than being overly paranoid, I'd like
> > to do
> > this b/c i like the logging capability of iptables and iptables has
> > much
> > more flexibility as far as rules go. The Linksys router simply routes,
> > forwards, and does rudimentary logging. My questions are:
> >
> > 1. Is the overkill from a home network?
>
> Not if the Linksys only performs basic NAT/routing. You'd be smart to
> add an advanced filtering device.
The Linksys' NAT/firewalling can probably be turned off, making it just a
router...definitely not overkill, but possibly not necessary.
> > 2. Should I just use my linux box as a router AND a firewall and ditch
> > the
> > Linksys appliance all together?
>
> If you're going to use the Linux firewall, the Linksys really is
> unnecessary. All it adds is an extra layer of
> complexity/routing/failure.
This really does depend on the nature of the broadband connection,
though. What is connected to the other side of the router? Is it a
Cable/DSL modem, or is it the actual broadband linke?
What I've done with my Netopia Cayman router is turned it into just a
router...I turned off the firewalling on that unit, completely, and am
letting my FC1/iptables firewall handle all firewall/NAT/Masq duties.
> > 3. If there is room for both, how might the router allow traffic to
> > flow to
> > the machine I designate as my firewall?
>
> You'd end up with 2 layers of NAT translation. Way unnecessary.
Not necessarily true. Again, this depends on the nature of the Linksys
router, how its connected, etc.
-- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 To be notified of updates to the web site, visit http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a message to: site-update-request@bubbanfriends.org with a message of: subscribe -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Oscar Hernández Hernández: "Mysql RHAS 3"
- In reply to: Jason Dixon: "Re: Router/Firewall Recommendation"
- Next in thread: Jeff: "Re: Router/Firewall Recommendation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
