Re: [SLUG] Router

From: Eben King (eben1@tampabay.rr.com)
Date: Sun Oct 10 2004 - 14:23:59 EDT


On Sun, 10 Oct 2004, Joe Brandt wrote:

> We have an exisiting Lan here at home. We use a Linksys wireless router
> to allow several computers to share our DSL. I have a couple SOB's
> (slow old box) and am thinking of turning one into a dedicated security
> box. Where in the chain would I place it? My guess is between the
> modem and Linksys.

What I did was this:

( internet )
      |
      |
[cable box]
      |
      |
[eth1-^ SOB v-eth0]
            |
      / hub/ \ -- ...
      | router/ | -- ...
      \ switch / -- ...

(no wireless router)

I had cable, but DSL is functionally equivalent. eth1 on SOB had a DHCP
client, eth0 has a DHCP server (really any computer can, as long as it's
up most of the time). eth0 and eth1 are arbitrary names; they could be
switched as desired.

Some cable/DSL companies require that you notify them if you use a
different MAC (mine didn't). If they do, it would be less hassle for you
if the SOB goes after the router, so the DSL box sees the same MAC. Does
you have any wireless clients that you want protected by the SOB? Then
the SOB should go _in front_ of the router. I don't think you can have it
both ways, unless your SOB supports MAC spoofing.

> I did a Google search but since Linksys is a firewall I could not think
> of a query which would bring up answers.

"firewall linux" perhaps? ipchains/iptables is the built-in(?) software
to do that. There are a couple boot-from-CD or boot-from-floppy firewall
kits; I never used one, but I have one on CD somewhere (40-something MB)
if that would help.

-- 
-eben    ebQenW1@EtaRmpTabYayU.rIr.OcoPm    home.tampabay.rr.com/hactar

Logic is a systematic method of coming to the wrong conclusion with confidence.

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:30:40 EDT