Unless it's limiting you in some fashion, leave it there as an extra
layer of protection - dedicated HW firewalls are often more secure than
a general purpose machine, but lose out in the flexibility/functionality
stakes.  You can also get funky and use the gentoo box to detect suspect
traffic, and then deny it by uploading the ACL deny to the firewall.

Personally, while I really like my gentoo firewall/gateway, I would love
to have this option to completely remove traffic I designate from
hitting the inner firewall at all.  Make the most of it!

BillK

On Thu, 2005-10-06 at 21:42 -0500, Mark wrote:
> I'd like to build a gentoo box to act as a single router between a 
...
> One quandary I have is regarding the hardware firewall. We have money
> invested in it, but does it buy me anything now that we are creating
> the 2 separate subnets? Should I just sell it and let the Gentoo box
> be the firewall as well?
> 
> Thanks for any insight, as always.
> -- 
> Mark
> [unwieldy legal disclaimer would go here - feel free to type your own]
-- 
gentoo-user@gentoo.org mailing list
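
An added example, not part of BillK's message or the thread: one way the "detect suspect traffic on the Gentoo box, then deny it at the hardware firewall" idea could be scripted, by turning iptables LOG lines into deny entries for review before upload. The log prefix, the allowlisted inner subnet, the port threshold and the ACL line syntax are all assumptions, since the thread does not name the firewall model.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of iptables LOG output (fields trimmed for brevity).
# "FW-DROP: " is an assumed --log-prefix; addresses are documentation ranges.
SAMPLE_LOG = """\
Oct  6 21:40:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=22
Oct  6 21:40:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=23
Oct  6 21:40:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40114 DPT=25
Oct  6 21:41:10 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=22
Oct  6 21:41:12 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=22
Oct  6 21:42:00 gw kernel: FW-DROP: IN=eth1 OUT= SRC=192.168.1.50 DST=192.0.2.10 PROTO=TCP SPT=33000 DPT=21
Oct  6 21:42:00 gw kernel: FW-DROP: IN=eth1 OUT= SRC=192.168.1.50 DST=192.0.2.10 PROTO=TCP SPT=33001 DPT=22
Oct  6 21:42:01 gw kernel: FW-DROP: IN=eth1 OUT= SRC=192.168.1.50 DST=192.0.2.10 PROTO=TCP SPT=33002 DPT=23
"""

LINE_RE = re.compile(r"FW-DROP: .*?\bSRC=(\S+) .*?\bDPT=(\d+)")
NEVER_BLOCK = [ipaddress.ip_network("192.168.0.0/16")]  # assumed inner subnets
ACL_TEMPLATE = "deny ip host {src} any"  # hypothetical syntax; adapt to the firewall


def suspect_sources(log_text, min_ports=3):
    """Return sources whose dropped packets touched >= min_ports distinct ports."""
    ports = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        try:
            src = ipaddress.IPv4Address(m.group(1))  # reject malformed values
        except ValueError:
            continue
        if any(src in net for net in NEVER_BLOCK):
            continue  # never generate a deny for our own networks
        ports[src].add(int(m.group(2)))
    return sorted(s for s, p in ports.items() if len(p) >= min_ports)


def deny_entries(log_text, min_ports=3):
    """Render one deny line per suspect source for review before upload."""
    return [ACL_TEMPLATE.format(src=s) for s in suspect_sources(log_text, min_ports)]


if __name__ == "__main__":
    print("\n".join(deny_entries(SAMPLE_LOG)))
```

The allowlist check is what keeps a noisy internal host from producing a deny entry that would cut off the inner network at the outer firewall.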
