Mailing List Archive



Re: [tlug] *Small* NAT/DMZ/LAN h/w suggestions?



On Wed, May 30, 2007 at 05:24:24PM +0900, Keith Bawden wrote:
> >My initial thought is to get a low end server and configure up some
> >iptables. But even such a server is really overkill for a router/firewall.
> >(Don't need an 80Gig h/d, 1Gig RAM and a 3 or 4 Gig processor..... or a
> >big power hungry box...)
> >
> >However that is the solution I would be most comfortable with since I
> >have the most control and know what's going on.
> >
> >But, I wonder if there isn't a better (cheaper) solution.
> 
> G'day Edward,
> 
> Making a router out of any hardware that has three nics and will run
> Linux is going to be easy enough (as others have suggested, distros
> like smoothwall and ipcop will help out with this). However, I think a
> really important question is, how much time do you want to spend on
> setup, maintenance and disaster recovery.

Keith,

Thanks for your concern. Actually I have used iptables, ipchains and
(if I remember the name right) ipfwadm before that. And except for a
386SX box I once bought mail order, have always built my own hardware.
When I've worked in larger orgs, I've only had to deal with h/w that
was already installed... or at least where the purchasing decisions
were not mine.

Ipcop and smoothwall may be great programs, but I have an innate
distrust of GUI and/or web based config tools. Especially where
security is concerned, I would really want to know what they are
doing. And by the time I figured that out, I might as well have done
it myself, methinks. (Arguably, you're making a decision to trust
someone at some point......)

So I have no problem with setting up and configuring a box to do the job.

Truth is, I could probably save myself a lot of grief if I were only
comfortable with just going down to Bic or Yodobashi and grabbing
something cheap off the shelf. I think the odds are pretty good that
that would be an ok solution in this case..... it's just that, as I
mentioned before, I don't fully trust them. Maybe I'm too paranoid...

Ed

