On Thu, 11 Jan 2007, b.n. wrote:
>
> Generally, the modem handles all the potentially difficult nasties of
> gettting the PPP stuff underway, and you cant even tell what your
> external IP is unless you query the modems web interface. To the user,
> you can just be 192.168.1.50, and the modem can be 192.168.1.1, and
> the modem being the default gateway, and all the rest is handled by
> NAT magic.
>
So this means that all firewalling is made by the router, who knows with
what software...
Well, you can disable router firewalling and firewalling your box, why not?
Actually, that's the most sensible thing to do.
I think I was confused and said nonsense. The box having a private IP
doesn't preclude it seeing the IP of incoming packets, so I suppose I
can have the router firewall active (whatever it may be) and also
Shorewall on the workstation. After all, redundant security doesn't
hurt.
Cheers.
--
Jorge Almeida
--
gentoo-user@gentoo.org mailing list
