Dear Martin and others, thank you very much for your hints. I think, I will try it.
regards Thomas PS: my leaf-box is user "leaf" at the uptime-project. With actually 306 days uptime it has rank 208 of 11377. * Martin Hejl <[EMAIL PROTECTED]> [060410 20:39]: > Hi Thomas, > > > When changing my internet connection to DSL, I will get an AVM Fritz Box SL > > from my Internet provider. It has a built-in firewall. Will it be useful to > > run in addition also shorwall on my Leaf router? > > > > What is your opinion? > I presume you need the AVM for DSL access (if I'm not mistaken, it has a > DSL modem built in) and possibly for other things too (like VOIP or so). > Despite it being a bit of overkill, there's nothing wrong with having a > LEAF box between your Fritz box and the local net (I've done it that way > at my mother's place, where I got a DSL Modem/Firewall/VOIP Gateway from > the provider). > In the end, I don't trust AVM, Linksys or D-Link (or any other company > that makes boxes like that) to make something that's "safe". With a LEAF > box, if somebody breaks into the router the provider gave me, they still > have to get past the LEAF box to get to the local net. There's nothing > wrong with several layers of security, especially when talking about DSL > (the bandwidth is not high enough that the extra router in between might > matter all that much. If you want to do lots of online gaming, you might > want to keep the LEAF box out of the loop though, to avoid the extra hop). > > The one thing you need to be aware of is that those AVM/D-Link/Linksys > boxes tend to use private IPs on their internal net (which would be > connected to the external interface of the LEAF box), so you need to > change the Shorewall config accordingly (if I remember correctly, > Shorewall doesn't like private addresses on what it considers to be the > external interface). > > I hope that helps. > > Martin > > ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
