DSL firewall/router solutions?
Hi all, I'm about to order DSL. Unfortunately, SpeakEasy isn't available in my area, so I'll likely go with Earthlink. Since they're my current ISP, it at least makes the switch easier, i.e. now e-mail address changes :) However, they charge more than I'm willing to pay for a static IP. So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? At this time I'm not overly concerned with running a server/domain, I just want to be able to get to my system securely from the net. Any comments/suggestions greatly appreciated :) Thanks, -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
--- [EMAIL PROTECTED] wrote: So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? I used one from DLink (DI-704) with a dynamic IP address when I had broadband. If I recall correctly, when your broadband modem boots up it will go find an IP address and then set via DHCP the WAN address on the router. Something like that anyway. It was very straightforward to configure. -Mike- = The power of accurate observation is commonly called cynicism by those who have not got it -George Bernard Shaw __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Errr! DSL is here, DSL is gone.
Errr, I send the wrong e-mail to the list :) In a message dated: Mon, 14 Jul 2003 12:00:44 EDT [EMAIL PROTECTED] said: Okay, I don't know who is playing what games, but I wouldn't be surprised if Verizon is behind this! 2 weeks ago I checked with Earthlink, DSL Reports, and Verizon. All 3 locations stated I was within 9000 feet of the CO, and could order DSL service. This week, as I'm about to order, I went and checked, and only Verizon is stating that I'm eligible for DSL. Earthlink says that the problem seems to be that I can only get DSL at 384/384, and that they don't offer that speed. DLS Reports doesn't provide a distance estimate this week, but does state that service is available from Covad and Network Access Solutions, and that Rhythyms is 'waiting'. So, why would I be able to get DSL 2 weeks ago, and not this week? Should I wait another week to see if this gets fixed, or just sign up with Verizon? Anyone have any experience with Verizon for DSL? How bad is it? Should I just wait until Comcast comes through with broadband? Maybe I'll just invest in 'Avian Carrier Networks' :) -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Errr! DSL is here, DSL is gone.
Okay, I don't know who is playing what games, but I wouldn't be surprised if Verizon is behind this! 2 weeks ago I checked with Earthlink, DSL Reports, and Verizon. All 3 locations stated I was within 9000 feet of the CO, and could order DSL service. This week, as I'm about to order, I went and checked, and only Verizon is stating that I'm eligible for DSL. Earthlink says that the problem seems to be that I can only get DSL at 384/384, and that they don't offer that speed. DLS Reports Tom If you're paranoid about security, those firewalls have some Tom faults. True. My problem is I'm lazy, and I don't have a lot of time. I really haven't kept up with the changes from ipfwadm-ipchains- iptables, and I just don't really care that much about learning that stuff :) I will if I have to, but if I can buy a small box for $100, I'd rather do that. I'm not overly paranoid, and I don't have too much on my systems that I'm too worried about. Though, I suppose spending a few hours now to do it right is better than spending weeks later trying to recover :) Tom t's nice having the FW deal with PPPoE though. But can't you just build a kernel with PPPoE support? Tom They use little power and have no fan. No disk so you don't Tom need to worry about a UPS when power goes out. Tiny so you can Tom set them up in a corner. All the features I'm looking for :) Tom A wireless fw/router in front of a real firewall would be a Tom cool setup. ~ I'm considering moving my wireless to a DMZ so Tom I can have more control over who gets an address. I'm not so Tom paranoid at home. Yeah, I've considered that too. I may go that way. Tom When we go wireless at work, I'll learn *alot* about this kind Tom of thing :-) Cool. Teach me :) -- Seeya, Paul ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
We use a lot of Greatspeed brand routers for our corporate DSL offerings. They seem to be pretty reliable, and they have models with a decent built-in firewall. Check ebay, you can usually find them out there for less than $100. Check out www.dyndns.org , or similar, for a free dynamic dns service. There are linux clients that will update your IP address, so you can have a static hostname like pll.dyndns.org that will always be mapped to your current DHCP WAN IP. On Mon, 2003-07-14 at 10:19, [EMAIL PROTECTED] wrote: I'm about to order DSL. Unfortunately, SpeakEasy isn't available in my area, so I'll likely go with Earthlink. Since they're my current ISP, it at least makes the switch easier, i.e. now e-mail address changes :) ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: DSL firewall/router solutions?
However, they charge more than I'm willing to pay for a static IP. So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? Any decent broadband router can deal with DHCP. The only thing you usually have to worry about is when ISPs (like MediaOne back in the day) would renumber and kill your DHCP lease in the middle of a lease, but a reboot of the system/router would fix that. I've used linksys ones with great results, I have some friends using Netgear ones that also work good. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, Travis == Travis Roy wrote: Travis Any decent broadband router can deal with DHCP. Good to know, since I've never looked at any of these :) Travis I've used linksys ones with great results, I have some Travis friends using Netgear ones that also work good. Thanks. I've always been a big fan of NetGear b/c of their Linux support. I'll check them out. -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Walmart.com sells Microtel PC with SuSE Linux software
Good for SuSE!! http://www.infoworld.com/article/03/07/14/HNwalmartsuse_1.html Richard A Sharpe Database Analyst and Administration (DBA) Sqlserver/DB2 Amherst Technologies 40 Continental Blvd Merrimack, NH 03054 PHONE ...(603) 579-6180 / (800) 431-8031 Cell phone ..(603) 320-7785 FAX ...(603) 578-1072 EMAIL [EMAIL PROTECTED] / Webpage ...www.amherst1.com Tenemos que tener fe (We must have faith ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Errr! DSL is here, DSL is gone.
Verizon DSL is a total cluster (We resell VZ DSL in several markets, through our CLEC.) As compared to the network that we sell aDSL off of, the VZ dsl offering is a total pain. Unexplained downtimes, packet loss, all things that VZ says are fine. We attempting to move most of our dsl (both our own and VZ resold) to wireless. It's faster, we can provide better control, and most of all, we know what's going on with it. Are you in Manchester? I wan't following the entire thread. :-) [EMAIL PROTECTED] wrote: Errr, I send the wrong e-mail to the list :) In a message dated: Mon, 14 Jul 2003 12:00:44 EDT [EMAIL PROTECTED] said: Okay, I don't know who is playing what games, but I wouldn't be surprised if Verizon is behind this! 2 weeks ago I checked with Earthlink, DSL Reports, and Verizon. All 3 locations stated I was within 9000 feet of the CO, and could order DSL service. This week, as I'm about to order, I went and checked, and only Verizon is stating that I'm eligible for DSL. Earthlink says that the problem seems to be that I can only get DSL at 384/384, and that they don't offer that speed. DLS Reports doesn't provide a distance estimate this week, but does state that service is available from Covad and Network Access Solutions, and that Rhythyms is 'waiting'. So, why would I be able to get DSL 2 weeks ago, and not this week? Should I wait another week to see if this gets fixed, or just sign up with Verizon? Anyone have any experience with Verizon for DSL? How bad is it? Should I just wait until Comcast comes through with broadband? Maybe I'll just invest in 'Avian Carrier Networks' :) ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003 12:46:57 -0400 Kurth Bemis [EMAIL PROTECTED] wrote: Stay away from Linksys. We have about 50 8 port firewall/gateway poxed deployed. They seem to go dumb and need a reboot once an a while, even with the new firmware, also throughput isn't that good on them, compared to the netgear routers that we have deployed... Maybe now that cisco owns them they'll start making decent products again. I have a Linksys BEFW11S4 4 port Wireless. I run it 24X7 with zero problems. The only reason I have ever shut it down was to flash a new firmware or when Comcast changed over the other day, I booted Windows and connected my PC directly. -- Jerry Feldman [EMAIL PROTECTED] Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 pgp0.pgp Description: PGP signature
Re: Walmart.com sells Microtel PC with SuSE Linux software
Perhaps Walmart will sue SCO into oblivion and clear up the mess being made. They've got the financial resources to do it. - __ | 0|___||. Andrew Gaunt *nix Sys. Admin,, etc. Lucent Technologies _| _| : : } [EMAIL PROTECTED] - http://www-cde.mv.lucent.com/~quantum -(O)-==-o\ [EMAIL PROTECTED] - http://www.gaunt.org Sharpe, Richard wrote: Good for SuSE!! http://www.infoworld.com/article/03/07/14/HNwalmartsuse_1.html Richard A Sharpe Database Analyst and Administration (DBA) Sqlserver/DB2 Amherst Technologies 40 Continental Blvd Merrimack, NH 03054 PHONE ...(603) 579-6180 / (800) 431-8031 Cell phone ..(603) 320-7785 FAX ...(603) 578-1072 EMAIL [EMAIL PROTECTED] / Webpage ...www.amherst1.com Tenemos que tener fe (We must have faith ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, Jerry Feldman wrote: I have a Linksys BEFW11S4 4 port Wireless. I run it 24X7 with zero problems. The only reason I have ever shut it down was to flash a new firmware or when Comcast changed over the other day, I booted Windows and connected my PC directly. I have the same thing and 2 of my friends do as well - we all had the same issue... all of a sudden, the thing just started freaking out, Wouldn't forward packets, and then the wireless just stopped working. I'm avoiding linksys for awhile... Ben -- Behind an able man there are always other able men. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Walmart.com sells Microtel PC with SuSE Linux software
On Mon, 14 Jul 2003, Sharpe, Richard wrote: Good for SuSE!! http://www.infoworld.com/article/03/07/14/HNwalmartsuse_1.html Good for Mandrake!! :) http://linuxtoday.com/it_management/2003070202226NWDPHW -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 9.0 In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
Stay away from Linksys. We have about 50 8 port firewall/gateway poxed deployed. They seem to go dumb and need a reboot once an a while, even with the new firmware, also throughput isn't that good on them, compared to the netgear routers that we have deployed... Maybe now that cisco owns them they'll start making decent products again. ~kurth Travis Roy wrote: However, they charge more than I'm willing to pay for a static IP. So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? Any decent broadband router can deal with DHCP. The only thing you usually have to worry about is when ISPs (like MediaOne back in the day) would renumber and kill your DHCP lease in the middle of a lease, but a reboot of the system/router would fix that. I've used linksys ones with great results, I have some friends using Netgear ones that also work good. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: Walmart.com sells Microtel PC with SuSE Linux software
And I believe IBM already offers SuSE and Redhat on their PC's Richard A Sharpe Database Analyst and Administration (DBA) Sqlserver/DB2 Amherst Technologies 40 Continental Blvd Merrimack, NH 03054 PHONE ...(603) 579-6180 / (800) 431-8031 Cell phone ..(603) 320-7785 FAX ...(603) 578-1072 EMAIL [EMAIL PROTECTED] / Webpage ...www.amherst1.com Tenemos que tener fe (We must have faith -Original Message- From: Bill Mullen [mailto:[EMAIL PROTECTED] Sent: Monday, July 14, 2003 12:38 PM To: GNHLUG Discussion List Subject: Re: Walmart.com sells Microtel PC with SuSE Linux software On Mon, 14 Jul 2003, Sharpe, Richard wrote: Good for SuSE!! http://www.infoworld.com/article/03/07/14/HNwalmartsuse_1.html Good for Mandrake!! :) http://linuxtoday.com/it_management/2003070202226NWDPHW -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 9.0 In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 14 Jul 2003, Ben Boulanger wrote: On Mon, 14 Jul 2003, Jerry Feldman wrote: I have a Linksys BEFW11S4 4 port Wireless. I have the same thing and 2 of my friends do as well - we all had the same issue... all of a sudden, the thing just started freaking out, I've personally seen both sides of this case. I'm on my second BEFW11S4, having left the first with my parents for them to use. I typically use mine as an AP/switch only, and my parents use theirs as a gateway to TW RoadRunner service. I have had no problems with either one. Two cow-orkers recently purchased this model on my recommendation and have each had problems with theirs. Off the top of my head I can remember DHCP/PPPoE dropouts, port forwarding mixups, and general flakiness. Usable, but frustrating. My best theory on the issue is that this particular model has been improved to its current state. My two units were both purchased 1-2 years ago and are the original hardware release. The other two were new in the last 6-9 months, and are probably version 3 or 3.2. It's quite possible that recent versions just aren't as stable as the original and no amount of firmware patching can fix it. But that's just a theory. - -- Matt BrodeurRHCE [EMAIL PROTECTED]http://www.NextTime.com Why be difficult when with a bit of effort you can be impossible? -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/EwQzc8/WFSz+GKMRAqNNAJ9tc0O1j53O7c4XIr/t8j8tDbaDcwCdE4Me mxCjkf+65AbtU+m6DiMYpXE= =9QR2 -END PGP SIGNATURE- ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: Walmart.com sells Microtel PC with SuSE Linux software
On Mon, 14 Jul 2003, Sharpe, Richard wrote: And I believe IBM already offers SuSE and Redhat on their PC's These are very promising developments for Linux, IMHO; as we all know, the most daunting aspect of running Linux for most people is the current need to install and configure it oneself. Preloads from reputable HW makers will remove that factor, and make it more likely that businesses (HP/IBM) and home users (WalMart) will be willing to take the plunge. They also present Linux on a relatively equal footing with M$'s offerings, which is a milestone in and of itself. As a Mandrake devotee, I'm particularly excited about the HP deal ... it comes at an excellent time, just as the company has announced that they expect to successfully emerge from the Frech equivalent of Chapter 11 by the end of the year - the endorsement of the company and its product that is implicit in the HP contract can only help them in that regard. -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 9.0 In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: Walmart.com sells Microtel PC with SuSE Linux software
HP also has deals with Redhat, SuSE, Debian in addition to Mandrake. http://h10018.www1.hp.com/wwsolutions/linux/about_linux_hp/partners.html I am a SuSE fan, I used to be 100% Redhat, but SuSE just had that extra something, I believe Mandrake has the same appeal and I have it installed on a couple of boxes also. Go LINUX ! Richard A Sharpe Database Analyst and Administration (DBA) Sqlserver/DB2 Amherst Technologies 40 Continental Blvd Merrimack, NH 03054 PHONE ...(603) 579-6180 / (800) 431-8031 Cell phone ..(603) 320-7785 FAX ...(603) 578-1072 EMAIL [EMAIL PROTECTED] / Webpage ...www.amherst1.com Tenemos que tener fe (We must have faith -Original Message- From: Bill Mullen [mailto:[EMAIL PROTECTED] Sent: Monday, July 14, 2003 1:33 PM To: GNHLUG Discussion List Subject: RE: Walmart.com sells Microtel PC with SuSE Linux software On Mon, 14 Jul 2003, Sharpe, Richard wrote: And I believe IBM already offers SuSE and Redhat on their PC's These are very promising developments for Linux, IMHO; as we all know, the most daunting aspect of running Linux for most people is the current need to install and configure it oneself. Preloads from reputable HW makers will remove that factor, and make it more likely that businesses (HP/IBM) and home users (WalMart) will be willing to take the plunge. They also present Linux on a relatively equal footing with M$'s offerings, which is a milestone in and of itself. As a Mandrake devotee, I'm particularly excited about the HP deal ... it comes at an excellent time, just as the company has announced that they expect to successfully emerge from the Frech equivalent of Chapter 11 by the end of the year - the endorsement of the company and its product that is implicit in the HP contract can only help them in that regard. -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 9.0 In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
OT: Job Posting
For those of you who are still looking for jobs, here is a position in Lowell that a friend of mine clued me in on. If anyone is interested, their URL is on the page. --- Begin Posting -- Technical Operations Engineer Location: Lowell, MA Division: PI Department: Perceptive Informatics Description: The primary responsibilities of the Technical Operations Engineer is to provide 24x7x365 worldwide technical support to the Internal and External clientele of Perceptive Informatics. This includes support of the IVRS, RDE, Web product line. Experience: Education: BA/BS or equivalent experience. Minimum Work Requirements: Two to three years experience in a networked Windows NT/2000 environment. Familiarity with network administration and network topologies. Ability to troubleshoot desktop and server issues. You must also have 2-3 years experience with Red Hat Linux Server and 2-3 years experience with network management and design in a Cisco environment. Experiences with relational databases such as Oracle, SQL, and Sybase are a plus. Strong oral and written communication skills are essential. Here's the URL: http://www.parexel.com/careers/jobSingle.asp?REQ=pare-5573 -- End Posting They are currently interviewing for this job, so if you are interested, contact them. ( Please know that I am not a contact for this position as I am not associated with the company that is hiring ). Regards, Jeff Kirkland ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
more than a theory. WIth the Linky befsr41, some of the newer firmware is (using a highly technical term here), crap. Some of the 1.43.x releases had problems causing the router to hang often. Fortunately, I had kept some older releases around and was able to flash back to a stable 1.42.x version (.7 is good). As usual, if it's not broken... every brand seems to have some problems and some good points. I and a lot of others have had real good luck with this unit. I've known some dlink, smc, netgear to work and not work too... The other thing that I have found is to keep the AP separate from the router. This has come in handy when the location for the router isn't optimal as I can move the AP to a better location without resorting to boosters. And, when it's time to upgrade to a newer AP or to the VPN router, I can do it without taking everything down... joe I have the same thing and 2 of my friends do as well - we all had the same issue... all of a sudden, the thing just started freaking out, I've personally seen both sides of this case. I'm on my second BEFW11S4, having left the first with my parents for them to use. I typically use mine as an AP/switch only, and my parents use theirs as a gateway to TW RoadRunner service. I have had no problems with either one. Two cow-orkers recently purchased this model on my recommendation and have each had problems with theirs. Off the top of my head I can remember DHCP/PPPoE dropouts, port forwarding mixups, and general flakiness. Usable, but frustrating. My best theory on the issue is that this particular model has been improved to its current state. My two units were both purchased 1-2 years ago and are the original hardware release. The other two were new in the last 6-9 months, and are probably version 3 or 3.2. It's quite possible that recent versions just aren't as stable as the original and no amount of firmware patching can fix it. But that's just a theory. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 10:19am, [EMAIL PROTECTED] wrote: So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? Define decent. You can go into Staples or Best Buy or CompUSA or even Wal-Mart and buy just about any SOHO router and get a fair product. LinkSys, NetGear, Belkin, SMC are popular brands. Even Microsoft is reselling someone's stuff now. Standard features include: NAT; elementary firewall; web-based UI that usually works with Mozilla; DHCP/PPPoE/static on the WAN side; DHCP server on the LAN side. Most let you do basic port forwarding, port filtering, and that sort of thing. Most are also very inflexible: They do exactly what they do, and nothing more. If you hit a limitation, your only options are to get rid of it or do without. You'll find everyone has bad experiences with some of the brands. They crank these things out by the thousands for next to no money. They rev the firmware constantly as they try to add this or that new feature or debug this or that quirk. The fact of the matter is, you're getting what you pay for with these things. They are perfectly fine for the average home user who wants to read email and download porn and pirated music, but they're not carrier class equipment and never will be. Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? For someone with your experience level, Paul, I'd say to go with IPTables. It isn't hard, and you'll never run into something you can't do. Just don't define any routes via gateways that don't exist. ;-) -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Errr! DSL is here, DSL is gone.
On Mon, 14 Jul 2003, at 12:00pm, [EMAIL PROTECTED] wrote: 2 weeks ago I checked with Earthlink, DSL Reports, and Verizon. All 3 locations stated I was within 9000 feet of the CO, and could order DSL service. This week, as I'm about to order, I went and checked, and only Verizon is stating that I'm eligible for DSL. Well, I certainly wouldn't put it past Verizon to be screwing with people, but on the other hand, remember that DSL is inherently unpredictable in availability. DSL is basically hooking digital equipment up to physical wiring that was intended to run a fairly low-grade analog signal. Sometimes you get lucky. Sometimes you don't. To make matters worse, many times, nobody (literally) really knows what the wiring in an area is like. The only way to find out is to have someone physically go and test the line. So the web-based qualifier you type your phone number/address into, while not quite worthless, is a far cry from a definite answer. Combine that with the fact that many of these companies are making half of this stuff up as they go along, and, well... don't be surprised by anything. :-) We share our office building with another company. We have the same street address. Same power line. We can get DSL. They can't. But can't you just build a kernel with PPPoE support? Not even needed. Many (most?) Linux systems acting as PPPoE clients run the Roaring Penguin PPPoE client, which is implemented using userland software and the regular PPP interface. http://www.roaringpenguin.com/pppoe/ I really haven't kept up with the changes from ipfwadm-ipchains- iptables ... Here is most of what a SOHO router does in eleven iptables commands: # config LAN_DEV=eth0 PUB_DEV=eth1 # policy actions iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # clear everything iptables -F iptables -X # any packet can be sent from this host iptables -A OUTPUT -j ACCEPT # any packet can be forwarded out via public iptables -A FORWARD -o $PUB_DEV -j ACCEPT # any packet via loopback (localhost) can come in iptables -A INPUT -i lo -j ACCEPT # any packet part of an already-established connection can come in # connections get established by sending packets out (see above) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT # masquerade anything going out via public iptables -t nat -A FORWARD -o $PUB_DEV -j MASQUERADE -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Errr! DSL is here, DSL is gone.
On Mon, 14 Jul 2003, at 12:06pm, [EMAIL PROTECTED] wrote: Errr, I send the wrong e-mail to the list :) Actually, I think you sent half of the wrong e-mail to the list. :) I responded to parts of it anyway. I'll also response to some of the new parts you just posted: Anyone have any experience with Verizon for DSL? Yes. How bad is it? Surprisingly good, for a Verizon product. Which means it often sucks. Reliability tends to be good, except when it's not, in which case it drives you insane. Customer service tech support is a joke. If you have to call them, I recommend instead beating your head against a brick wall. It feels better, and is more rewarding. Their registration process more-or-less requires that you run some software on an MS-Windows system. But I'd rather have Verizon DSL then dialup over a Verizon POTS line. You also have to remember: Verizon owns the telephone wires, so no matter what, if you have DSL, Verizon is still involved. Should I just wait until Comcast comes through with broadband? When it comes to customer-service, reliability, and/or technology, Comcast is not significantly better or worse then Verizon. Cable Internet is frequently faster than DSL, though. However, even that depends on your distance to the CO, quality of the lines, the amount of over-subscription going on in your area, any bandwidth caps the provider might have in place in your area, the phase of the moon, the average life-span of a Whelk in a supernova, and several other less-obvious factors. -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003 [EMAIL PROTECTED] wrote: On Mon, 14 Jul 2003, at 10:19am, [EMAIL PROTECTED] wrote: Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? For someone with your experience level, Paul, I'd say to go with IPTables. It isn't hard, and you'll never run into something you can't do. Perhaps the ideal solution would be to scare up a low-spec box and throw in a couple of cheap NICs, then put SmoothWall onto it. It'll give you everything a router can and more, is a snap to set up and configure, and you can ssh in to it and play with the config files directly when you have a particularly tricky hoop that needs jumping through. :) Just don't define any routes via gateways that don't exist. ;-) Well, with the possible exception of that one ... ;) -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 9.0 In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
In a message dated: Mon, 14 Jul 2003 17:50:00 EDT [EMAIL PROTECTED] said: For someone with your experience level, Paul, I'd say to go with IPTables. It isn't hard, and you'll never run into something you can't do. Everyone keeps saying this :) I donwanna. I wannna be a stupid user and be lazy :) Just don't define any routes via gateways that don't exist. ;-) user_level=stupid What's a gateway? ;) /user_level You know, you really take all the fun outta this stuff :) If it weren't my brain-lapses requiring you to answer what most would consider rather obvious and self-evident questions, we'd have almost no traffic here. Except maybe the [OT] ones ;) -- Seeya, Paul It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 7:35pm, [EMAIL PROTECTED] wrote: If it weren't my brain-lapses requiring you to answer what most would consider rather obvious and self-evident questions, we'd have almost no traffic here. We could always go back to talking about NIS and NFS. ;-) -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
Since no one mentioned it, I'll tell you what I use for my SDSL router/firewall: an old PC with 2 NICs and OpenBSD with ipf and ipnat. (I'm still running OpenBSD 2.7.) If you have an old machine to spare, i'd definitely recommend going this route rather than getting a broadband router. My reason for saying this is that I have little or no experience with such. From your other postings on this list, Paul, you seem to know pretty much what you're doing, so I'd recommend you use iptables and ipfilter. If you go with Verizon, you may have to also use PPPOE (PPP over ethernet). I'm not certain of this, because my wife uses Verizon DSL on her Mac downstairs and it has this keep-alive agent that it must run. Since it requires a password and all that jazz, i'm assuming that it's doing PPPOE. In my experience, GNU/Linux or one of the BSDs installed on an old machine (Pentium class or better) makes an excellent router. I've used a P100 and now a 300 MHz K6 machine and both could push packets from one NIC to the other faster than my DSL connection could handle them. As for the providers saying that they could give you DSL and then saying that they couldn't, I have no idea. I do know that one provider told me that they could give me DSL, but that it would be slow, and my current provider said that we could all the way to 1.5 Mbps and beyond. I'd say maybe somebody's database got a little messed up. Cheers, Jason ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Walmart.com sells Microtel PC with SuSE Linux software
On Mon, 14 Jul 2003, Andrew W. Gaunt wrote: Perhaps Walmart will sue SCO into oblivion and clear up the mess being made. They've got the financial resources to do it. Excpet that WalMart is a worse monster than SCO. SCO sues individual companies. WalMart sued the state of Vermont when the state said no to the giant moving in. They're not the Caring, Community Store they want you to belive, any more than SCO is UNIX. - __ | 0|___||. Andrew Gaunt *nix Sys. Admin,, etc. Lucent Technologies _| _| : : } [EMAIL PROTECTED] - http://www-cde.mv.lucent.com/~quantum -(O)-==-o\ [EMAIL PROTECTED] - http://www.gaunt.org Sharpe, Richard wrote: Good for SuSE!! http://www.infoworld.com/article/03/07/14/HNwalmartsuse_1.html Richard A Sharpe Database Analyst and Administration (DBA) Sqlserver/DB2 Amherst Technologies 40 Continental Blvd Merrimack, NH 03054 PHONE ...(603) 579-6180 / (800) 431-8031 Cell phone ..(603) 320-7785 FAX ...(603) 578-1072 EMAIL [EMAIL PROTECTED] / Webpage ...www.amherst1.com Tenemos que tener fe (We must have faith ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss -- TARogue (Linux user number 234357) Marriage is the only adventure open to the cowardly. -Voltaire, philosopher (1694-1778) ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 9:36pm, [EMAIL PROTECTED] wrote: If you go with Verizon, you may have to also use PPPOE (PPP over ethernet). Verizon uses PPPoE on all their dynamic IP address DSL accounts. Their registration process involves running a software suite on a Windows-based PC. It installs all sorts of crap you don't want, and then forces you through a web-page sign-up script. The usual drill -- it could all be done in an OS-neutral, platform-independent manner, without installing anything, but that would be too easy. Once you are registered and have a username and password, you never need to use their software again. I recommend burning it. It's a great symbolic gesture.[1] For Verizon's premium business-class service with the static IP address, you just run plain old IP-over-Ethernet, the way God intended IP to work. :) Note that actually getting a static IP address can be difficult. Not because the technology is unavailable, but because most of their sales force can't even spell DSL. Once installed, though, no registration is required. Simply plug-in, ARP, and go. Footnote [1] Credit to Linus Torvalds. -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
