Speaking as a security nazi, you're nuts. For a corporate network, with
a corporate firewall, sure. For a home network, unless you have very
specific circumstances (such as requiring a child's computer to use
proxies so as to control what s/he can access), it's ridiculous IMO to
add NAT entries on a host-by-host basis. This is something that is
entirely reasonably defined at network granularity.
In the context of you suggesting a default accept forwarding policy,
then coming up with this, I'd suggest that you don't quite understand
what you're talking about.
>> However, this person has two internal interfaces it sounds like.
> Two interfaces is a must, if you are going to do masquerading, right?
Read it again: two *internal* interfaces. Total of three. Sheesh.
Brian.
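Added example, not part of the thread above or of any poster's setup: the layout Brian describes (one external interface, two internal interfaces, masquerading defined per network rather than per host, and a default-deny rather than default-accept forwarding policy) expressed as a Linux iptables ruleset. The interface names, subnets and the assumption that the gateway runs iptables are mine; the script only prints the commands so it can be reviewed before being piped to sh on the gateway.

```shell
#!/bin/sh
# Added example, not from the original thread. Generates an iptables ruleset
# for a gateway with one external and two internal interfaces. Interface
# names and subnets are assumptions for illustration; nothing is applied,
# the commands are only printed.

# gen_masq_rules EXT INT_A NET_A INT_B NET_B
gen_masq_rules() {
    ext=$1; int_a=$2; net_a=$3; int_b=$4; net_b=$5

    echo "sysctl -w net.ipv4.ip_forward=1"

    # Default policies. FORWARD is DROP: nothing crosses the box unless a
    # rule below allows it. "iptables -P FORWARD ACCEPT" would be the weak
    # setting: every host on either internal interface could reach the
    # other network and the outside without any rule ever being reviewed.
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    echo "iptables -P OUTPUT ACCEPT"

    # Reply traffic for flows already allowed.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # Each internal network may initiate connections to the outside.
    for pair in "$int_a $net_a" "$int_b $net_b"; do
        set -- $pair
        echo "iptables -A FORWARD -i $1 -o $ext -s $2 -j ACCEPT"
    done

    # Masquerading at network granularity: one rule per internal subnet,
    # not one SNAT entry per host.
    echo "iptables -t nat -A POSTROUTING -s $net_a -o $ext -j MASQUERADE"
    echo "iptables -t nat -A POSTROUTING -s $net_b -o $ext -j MASQUERADE"

    # Traffic between the two internal networks stays blocked by the
    # default policy; add an explicit FORWARD rule if they must talk.
}

# forward_policy_is_drop: reads a ruleset on stdin, exits 0 only if the
# FORWARD chain is set to DROP. Useful as a check before applying rules.
forward_policy_is_drop() {
    grep -q '^iptables -P FORWARD DROP$'
}

# Example invocation (assumed names): eth0 outside, eth1 and eth2 inside.
gen_masq_rules eth0 eth1 192.168.1.0/24 eth2 192.168.2.0/24
```

Review the printed rules, then run the script and pipe its output to sh on the gateway; `forward_policy_is_drop` can gate that step so a ruleset that slipped back to a default-accept FORWARD chain is never applied.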