> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Nathaniel Hall > Sent: Tuesday, June 22, 2004 12:53 PM > To: 'General Red Hat Linux discussion list' > Subject: RE: Router/Firewall Recommendation > > -----Original Message----- > >>From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list->>bounces@xxxxxxxxxx] On Behalf Of Alejandro Calbazana > >>Sent: Monday, June 21, 2004 9:52 PM > >>To: redhat-list@xxxxxxxxxx > >>Subject: Router/Firewall Recommendation > >> > >>Hello, > >> > >>I was looking for some recommendations on using a standalone RH machine > as > >>a firewall. Right now, I have an older Linksys router which I use as a > >>standalone router for my broadband connection. I was considering > placing > >>a firewall behind my router. Other than being overly paranoid, I'd like > >>to do this b/c i like the logging capability of iptables and iptables > has > >>much more flexibility as far as rules go. The Linksys router simply > >>routes, forwards, and does rudimentary logging. My questions are: > >> > >>1. Is the overkill from a home network? > > What is wrong with being secure? > > >>2. Should I just use my linux box as a router AND a firewall and ditch > the > >>Linksys appliance all together? > > I would use the firewall on the outside and the Linksys on the inside if I > did both, but I would probably only use the firewall. > > >>3. If there is room for both, how might the router allow traffic to flow > >>to the machine I designate as my firewall? > > If you use both, the firewall will still route between its interfaces. > All > of you machines on the internal side would use the firewall as the default > gateway and the firewall would use the Linksys as its default gateway. If > you want to setup a web or e-mail server, you would have to tell the > Linksys > to route certain ports to different machines that host the services and > make > the area between the Linksys and the firewall a DMZ. > > >>Thanks, > >> > >>Alejandro Just a thought, IMHO if you use a inksys router with nat then you do have a firewall, in fact a very effective hardware firewall. I don't think you can get better performance and security at the same time. I would put all my computers behind the linksys router and forget it. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
