I am currently using Telocity/DirecTVDSL for my home internet connection. The DSL Modem provided by Telocity does not appear to be configurable from the user side, but allows the user to run any desired servers - I am running qmail, apache, apache-ssl. I now have a dedicated firewall, running iptables, DNAT to :25 :80 :110 :443, SNAT from my private network to my public IP.

My firewall logged a lot of connection attempts to :137 and :139 from the internet - until I changed from LDROP to DROP - you may want to restrict access to these ports if you know the valid source addresses.

Since my domain name is resolved by register.com's nameservers, I have blocked all TCP/UDP access to :53 from the internet.

My dhcp client for the NIC connected to the Telocity modem attempts to overwrite my /etc/resolv.conf, deleting reference to my private DNS server, so I set the immutable bit on that file to prevent change (chattr +i).

I think DirecTVDSL has an "upgrade" service available for $10/month that includes a 4 port router/firewall with 4 IP addresses, but I have accomplished all I wanted to do with 1 IP and my private network.

Darrell

On Tue, Feb 26, 2002 at 10:24:19AM -0600, John Schmerold wrote:
> I have a client that is planning on using Direct TV DSL so that he may
> obtain single static IP for $50 per month.
>
> Service looks slick for typical residential or branch office use,
> however he needs remote offices to attach to a Samba share & wants his
> office to benefit from a netfilter based firewall.
>
> Anyone doing this? Any tips on configuring the modem/router provided by
> DirectTV to facilitate these functions?
>
> TIA for helping me avoid real world bruises.
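
The layout described in the reply above, as an added example (not Darrell's actual ruleset): a shell function that emits an iptables-restore ruleset with DNAT for :25 :80 :110 :443, SNAT for the private network, and unlogged DROP rules for :53, :137 and :139 arriving from the internet. Interface names, all addresses and the single internal server are assumptions.

```shell
#!/bin/sh
# Added example: generate an iptables-restore ruleset for the setup in the post.
# Assumed values (not from the post): interfaces, addresses, one internal server.
WAN_IF=eth0                # NIC facing the DSL modem
LAN_IF=eth1                # NIC facing the private network
WAN_IP=203.0.113.10        # placeholder for the single static public IP
LAN_NET=192.168.1.0/24     # placeholder private network
SERVER=192.168.1.10        # placeholder host running qmail/apache
PORTS="25 80 110 443"      # services the post forwards inward

gen_rules() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    for port in $PORTS; do
        echo "-A PREROUTING -i $WAN_IF -d $WAN_IP -p tcp --dport $port -j DNAT --to-destination $SERVER:$port"
    done
    # Private hosts leave with the one public address.
    echo "-A POSTROUTING -o $WAN_IF -s $LAN_NET -j SNAT --to-source $WAN_IP"
    echo "COMMIT"
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -i $LAN_IF -s $LAN_NET -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Explicit DROP without a LOG rule: DNS and NetBIOS probes from the
    # internet are discarded silently. Matching is on destination port only,
    # so replies to outbound DNS queries (source port 53) are unaffected.
    for proto in tcp udp; do
        echo "-A INPUT -i $WAN_IF -p $proto -m multiport --dports 53,137,139 -j DROP"
        echo "-A FORWARD -i $WAN_IF -p $proto -m multiport --dports 53,137,139 -j DROP"
    done
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT"
    # DNAT happens before the filter table, so match the internal address here.
    for port in $PORTS; do
        echo "-A FORWARD -i $WAN_IF -d $SERVER -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset; pipe it into "iptables-restore --test" as root to check it.
gen_rules
```

If remote offices need the Samba share, the known source addresses would get an ACCEPT rule ahead of the 137/139 DROP lines, which is the restriction the reply suggests.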
