[Gllug] [OT] dsl router advice?

Wiehe, Simon simon.wiehe at csfb.com
Mon Oct 18 12:28:05 UTC 2004


Don't know how it would work with multiple inbound ip addresses but I have a
netgear router and run NAT on that. When I was too lazy to configure the
Router Firewall correctly I had a default rule that would push everything
except designated ports through to my playstation 2, which I use for network
gaming. I would look to push everything for a given destination IP address
through to the designated machine. However, I would advise against doing a
blanket port forward and only open the explicit ports as I suffered badly with
DoS attacks and my network gaming suffered as a result. I would have thought
that your ISP will forward anything for your new IP address to you maintaining
the destination IP address, this would allow you to do the NAT, rather than
effectively exposing a particular port to a machine regardless of which ip
address of your 3 the packet comes in from. 

Once you have configured everything, take a look at Shields Up on
http://www.grc.com. They will do a number of port scans and tell you how
secure your system is.

Simon

-----Original Message-----
From: gllug-bounces at gllug.org.uk [mailto:gllug-bounces at gllug.org.uk]On
Behalf Of Andy McGarty
Sent: 18 October 2004 12:51
To: gllug at gllug.org.uk
Subject: [Gllug] [OT] dsl router advice?


Hi,

I have my linux boxes behind a DSL router doing NAT at present but I need 
to make one of them have a public address.

My current cheapo router has a thing called half bridge that seems to 
allow this but its very flakey and I lose the connection every few minutes 
so I've gone back to the previous NAT config.

I know a number of people have servers on public DSL addresses and wonder 
what dsl routers you are using?  I currently have just the one IP, but my 
provider has given me two extras (not in the same subnet!) so presumably 
the router will have to become transparent to pass everything through to 
my own linux based firewall/servers.  Will I have to use "bridged ethernet 
over ATM" rather than my current IP over ATM?

Finally, I'm confused how the gateway address I've been using is on a 
totally different subnet to the my own ip/netmask as I've always thought 
your router had to be on the same subnet?

Any advice on the above would be appreciated.

Andy
aka confused of Purley
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

==============================================================================
This message is for the sole use of the intended recipient. If you received
this message in error please delete it and notify us. If this message was
misdirected, CSFB does not waive any confidentiality or privilege. CSFB
retains and monitors electronic communications sent through its network.
Instructions transmitted over this system are not binding on CSFB until they
are confirmed by us. Message transmission is not guaranteed to be secure.
==============================================================================

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list