Curtis LaMasters wrote:
Now that I think about it, there are lots of ways to interpret that but
my meaning was for businesses, I would basically do an in line
transparent firewall much like this example:
http://pfsense.trendchiller.com/transparent_firewall.pdf
For the normal firewall deployment, I mean exactly that. Treat each of
those homes as an individual computer, filter bad incoming stuff to them
and do some basic egress filtering to keep them from giving out info
they don't need to be giving, or SPAM for that matter.
Additionally for any type of traffic that you specifically permit, I
would log it. Just my $.02 worth.
Ok so what your are meaning is that you wouldn't block any traffic for
business, but would block a few ports for home users, right? I agree.
My question is more, since bridging is not compatible with carp, I'd
rather be using routing, so that the firewall has a public IP address,
and there are public IP addresses and private IP addresses behind it.
The firewall would be the default GW for all the clients.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
