1 |
Unless its limiting you in some fashion, leave it there as an extra |
2 |
layer of protection - dedicated HW firewalls are often more secure than |
3 |
a general purpose machine, but lose out in the flexibility/functionality |
4 |
stakes. You can also get funky and use the gentoo box to detect suspect |
5 |
traffic, and then deny it by uploading the ACL deny to the firewall. |
6 |
|
7 |
Personally, while I really like my gentoo firewall/gateway, I would love |
8 |
to have this option to completely remove traffic I designate from |
9 |
hitting the inner firewall at all. Make the most of it! |
10 |
|
11 |
BillK |
12 |
|
13 |
On Thu, 2005-10-06 at 21:42 -0500, Mark wrote: |
14 |
> I'd like to build a gentoo box to act as a single router between a |
15 |
... |
16 |
> One quandary I have is regarding the hardware firewall. We have money |
17 |
> invested in it, but does it buy me anything now that we are creating |
18 |
> the 2 separate subnets? Should I just sell it and let the Gentoo box |
19 |
> be the firewall as well? |
20 |
> |
21 |
> Thanks for any insight, as always. |
22 |
> -- |
23 |
> Mark |
24 |
> [unwieldy legal disclaimer would go here - feel free to type your own] |
25 |
-- |
26 |
gentoo-user@g.o mailing list |