Hello,
At my home office, I have 1 public IP and I'm forwarding certain outside
port requests to the various machines inside using NAT. I'm allowing all
inside->out traffic. Given that I'm happy with this setup from the
functionality perspective, should I still add firewall rules to define
my current setup (e.g. to allow all inside->out traffic and to allow
http, smtp, etc to the various machines for outside->in traffic)? Am I
missing out on important security features the firewall would offer
which NAT doesn't?
Currently I just have the following firewall statements:
firewall {
log-martians: "enable"
send-redirects: "disable"
receive-redirects: "disable"
ip-src-route: "disable"
broadcast-ping: "disable"
syn-cookies: "enable"
}
[EMAIL PROTECTED]> show version
Baseline Version: vc3
Booted From: disk
Happy New Year to all! Cheers, -Alain.
_______________________________________________
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
