On Wednesday 20 February 2002 10:37 am, you wrote:
> Well, probably, but I've found most of the home broadband firewalls doing
> NAT don't seem to support it, at least by default. Maybe I'm just
> clueless on how to set it up, but I've always found active mode a royal
> PITA and passive mode to work fine. :)

Get yourself a throwaway pentium computer, and two $10 PCI NICs (three if you want a DMZ). Load OpenBSD. Configure pf, squid, named, dhcpd, ntpd, ftp proxy, etc. You'll have a firewall that absolutely shreds over the cheapo firewall appliances.

> At work, yes I do need a better firewall. We're running some ancient
> Yugo-brand firewall/router box that seriously needs to spend time in a
> junkyard[1]. Too bad the IT department thinks it's wonderful. Ugh.

Get permission from your higher-ups and then break it from the outside. That may be enough incentive for them to spend the $800 to get a guy like me in there to set up a new one. :-)
