LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   SUSE / openSUSE (https://www.linuxquestions.org/questions/suse-opensuse-60/)
-   -   Which Firewall? (https://www.linuxquestions.org/questions/suse-opensuse-60/which-firewall-442900/)

drowbot 05-08-2006 04:53 PM
Which Firewall?
 
I just installed OpenSUSE a few weeks ago. I have 2 computers (mine & my wife's) & a 2Wire 1000HW wireless router/DSL Modem.
My question is this: which firewall should I use? The one built into the router, the one that in YaST, or another one?

pljvaldez 05-08-2006 04:58 PM
Both. :D I'm sure it's a bit of an overkill, but that's what I do at home. That way it allows me to do some specific firewalling right at the point of entry while also allowing certain services to run on one machine without allowing that service on another (for example my wife uses ICQ, so that port has to be opened up in the router and on her windows box, but since I'm not using ICQ on the linux box, I don't want that port open).

Not sure which one comes with OpenSUSE, but I personally prefer using fwbuilder to build my own custom firewall. As an added benefit, I have a router that I installed a 3rd party firmware on, so I can upload a custom firewall onto it from fwbuilder. Kills two birds with one stone...

Brian1 05-08-2006 05:13 PM
As long as the router is set not to forward any outside ports to the internal lan side then it is pretty safe over-all. But the more security you add the better. At this time I am using a linux box as a firewall DMZ. Then have a store bought wireless router after that to the lan machines. So two firewall routers off the bat and then the machines are running firewalls to protect against drive by wifi. wireless is using mac filtering, ip filteing, wpa as well.I configure my iptables manually with and editor.

Brian1

fragos 05-08-2006 05:21 PM
Two firewalls are far from overkill and give a number of advantages. Every PC should be configured with its own firewall -- the default install. My external firewall is in my Netgear wireless router. The external firewall provides NAT, Network Address Translation, for additional protection of your network. The external firewall will be stricter than those in your PCs. This allows you to have protocol access between PCs without making those protocols visible to the outside world. You can get all of this without any special firewall configuration. Just use DCHP and plug things together. Suse is very good about adjusting your internal firewalls to allow servers like CUPS or NFS that you create for LAN access. WAN access to these servers will require external firewall configuration.

drowbot 05-09-2006 09:36 AM
Thanks for your replies! I'll just leave things as is & customize the firewalls on each machine. Thanks again!


All times are GMT -5. The time now is 12:01 AM.