FC4 - Firewall/Router
Temlakos
temlakos at gmail.com
Sat Jun 18 15:14:40 UTC 2005
> Thomas Cameron wrote:
>
>> On Sat, 2005-06-18 at 10:05 -0400, Greg Swallow wrote:
>>
>>
>>
>>> Network 192.168.0 is configured by D-Link wireless router to cable
>>> modem. firewall has access to the internet through
>>> the router via dhcp on eth0. eth1 is attached to what will be network
>>> 192.168.1 and we want firewall to serve dhcp on
>>> that network. We also want firewall to route internet traffic from/to
>>> 192.168.1 through 192.168.0; without having to
>>> shutdown the firewall server to do so.
>>>
>>
>>
>> Out of curiosity, why are you running a firewall behind the NAT router?
>> The NAT router is going to keep the bad guys out by its design. Granted
>> it's not a really high-end security solution, but most of the NAT
>> routers out there today are pretty secure.
Maybe so. But I would recommend setting up iptables anyway. I do it
myself. Redundancy is a /good/ thing with security, especially with all
the bad actors that we hear about /every day/, downloading credit-card
information and so on. Besides, it's good practice for setting up a
firewall in an enterprise situation.
Temlakos
More information about the users
mailing list