[EMAIL PROTECTED] wrote:
Hello
I am about to put together a home based network that is connected to
> a cable modem. My initial thoughts are to connect a router to the
> cable modem and then a linux firewall box to the router. I would then
> connect a hub or router to the linux firewall. The other computers
> would then connect to the router. How does this approach sound? Would
> it help make the system more secure than just using a router as the
> firewall only?
using a consumer-grade NAT box as a firewall isn't really using a
firewall at all. What I'd do, if I were in your situation, is this:
cable ----- linux ------ switch
modem box | || |
| || |
other boxes
You can set up a simple firewall on the linux box to protect the rest of
your machines, and also do NAT. iptables is great.
Definitely using the nat box alone isn't a secure idea. The scenario I
mentioned above, however, is probably the best, as you're only doing NAT
once, and the firewalling capabilities of linux vastly outweigh those of
the silly nat boxes.
I've done this setup for a number of years without any trouble
whatsoever (aside from the deficiencies arising from NAT on the internal
network, but those are to be expected).
Good luck,
-Kelsey
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
