From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
by nuthatch.gentoo.org with esmtp (Exim 4.62)
(envelope-from <gentoo-user+bounces-58358-garchives=archives.gentoo.org@gentoo.org>)
id 1H5jBk-000701-SP
for garchives@archives.gentoo.org; Sat, 13 Jan 2007 13:44:53 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
by robin.gentoo.org (8.13.8/8.13.8) with SMTP id l0DDhiEV021205;
Sat, 13 Jan 2007 13:43:44 GMT
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171])
by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id l0DDdfaq009161
for <gentoo-user@lists.gentoo.org>; Sat, 13 Jan 2007 13:39:42 GMT
Received: by ug-out-1314.google.com with SMTP id z38so987177ugc
for <gentoo-user@lists.gentoo.org>; Sat, 13 Jan 2007 05:39:41 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=beta;
h=received:from:reply-to:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id;
b=PMJiGRMzCpkRA93mIppoh9XqoboHfUBfZrSfRVJzwNKJ7Zv/jkyMbp7MU4X90rEr0NsCYyyPic9fqOI75i7Ma0zxjo36F1yimzBPGGFFD3u3ysBMTYV2CGvAOHhXzfTTfki6b5BDxj7fyk3RtTjFk4q1sg1OvmmrrvcObJ125rs=
Received: by 10.78.158.11 with SMTP id g11mr1184605hue.1168695581071;
Sat, 13 Jan 2007 05:39:41 -0800 (PST)
Received: from lappy.study ( [213.162.120.196])
by mx.google.com with ESMTP id 37sm2353143hua.2007.01.13.05.39.39;
Sat, 13 Jan 2007 05:39:39 -0800 (PST)
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] moving to ADSL
Date: Sat, 13 Jan 2007 13:38:29 +0000
User-Agent: KMail/1.9.5
References: <Pine.LNX.4.64.0701101748250.17473@jmaa.math.ist.utl.pt> <45A69F4C.8060105@gmail.com> <Pine.LNX.4.64.0701112206460.22831@jmaa.math.ist.utl.pt>
In-Reply-To: <Pine.LNX.4.64.0701112206460.22831@jmaa.math.ist.utl.pt>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed;
boundary="nextPart2048838.3Upg9gGp9I";
protocol="application/pgp-signature";
micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200701131339.17128.michaelkintzios@gmail.com>
X-Archives-Salt: 038c2e6d-78df-4113-9cab-5fa6d35a943c
X-Archives-Hash: 679bc7e8d181450971e5658c83ff355f
--nextPart2048838.3Upg9gGp9I
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Thursday 11 January 2007 22:15, Jorge Almeida wrote:
> On Thu, 11 Jan 2007, b.n. wrote:
> > Well, you can disable router firewalling and firewalling your box, why
> > not? Actually, that's the most sensible thing to do.
>
> I think I was confused and said nonsense. The box having a private IP
> doesn't preclude it seeing the IP of incoming packets, so I suppose I
> can have the router firewall active (whatever it may be) and also
> Shorewall on the workstation. After all, redundant security doesn't
> hurt.
That's how I have set up mine. The Netgear [ADSL modem/NAT router/SPI=20
firewall (statefull packet inspection)] box does its tricks, inc. acting as=
a=20
DHCP, DNS server and gateway for the boxen on the LAN, while each LAN machi=
ne=20
has an additional layer of security by running its own firewall.
BTW, my Netgear DG834 is running this much:
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
cat /proc/version
Linux version 2.4.17_mvl21-malta-mips_fp_le (root@Run-P4) (gcc version 2.95=
=2E3=20
20010315 (release/MontaVista)) #6 Wed Sep 7 16:50:05 CST 2005
iptables
iptables v1.2.8: no command specified
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
and this is what's in the box:
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
cat /proc/cpuinfo
processor : 0
cpu model : MIPS 4KEc V4.8
BogoMIPS : 149.91
wait instruction : no
microsecond timers : yes
extra interrupt vector : yes
hardware watchpoint : yes
VCED exceptions : not available
VCEI exceptions : not available
cat /proc/meminfo
total: used: free: shared: buffers: cached:
Mem: 14757888 9375744 5382144 0 1011712 3612672
Swap: 0 0 0
MemTotal: 14412 kB
MemFree: 5256 kB
MemShared: 0 kB
Buffers: 988 kB
Cached: 3528 kB
SwapCached: 0 kB
Active: 1608 kB
Inactive: 4268 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 14412 kB
LowFree: 5256 kB
SwapTotal: 0 kB
SwapFree: 0 kB
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
You configure the iptables using the web GUI, which runs on cgi scripts. =20
OpenWRT have a work-in-progress Linux image for it. Hopefully development=
=20
will continue because I really like to set up ssh access to it. There are=
=20
also ADSL routers in the market that have usb ports for attaching USB drive=
rs=20
to be accessed by LAN machines as network drivers. Of course hacking the=20
kernel on a machine like DNS-120, which can accept USB flash or hard drives=
=20
and make them accessible from the Internet is probably a more interesting=20
proposition . . .
=2D-=20
Regards,
Mick
--nextPart2048838.3Upg9gGp9I
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQBFqOEF5Fp0QerLYPcRAtbyAJ9573y2qSIyIU0YGvzaUz5/hS89sACbB1Tw
7S/xJG7RKmQXDWDQOOReFaI=
=qTkg
-----END PGP SIGNATURE-----
--nextPart2048838.3Upg9gGp9I--
--
gentoo-user@gentoo.org mailing list