Hi John,
I have a cable Internet connection and run it through a Linksys router. This has NAT built in for protection. Of course through this I run DHCP to three other machines in a home network, 1 linux and 2 wins. Is this good enough or do I need to setup a personal firewall besides. I have Suse 7.1 and don't have the personal firewall on as this is the way the auto setup did it through Yast. If I do turn it on will this throw a monkey wrench into the something that is running fine now. I'm a newbie at firewalls and the option of just having it done automatically seemed appealing. But I figured Yast has to be much brighter then me and it had to be a reason. I'm thinking because of the DHCP?
John.........
The personal-firewall does very simple things: it declines connection
attempts, blackholes UDP traffic and limits icmp echo replies. There is
only one configuration item: The interface that it should work on. The
name of the interface(s) is set in the variable
REJECT_ALL_INCOMING_CONNECTIONS in /etc/rc.config.d/security.rc.config.
Examples:
# everything:
REJECT_ALL_INCOMING_CONNECTIONS="yes"
# the same as
REJECT_ALL_INCOMING_CONNECTIONS="all"
# for ISDN:
REJECT_ALL_INCOMING_CONNECTIONS="ippp0"
# for modems:
REJECT_ALL_INCOMING_CONNECTIONS="modem"
# and for modems as well as the second ethernet card, plus masquerade
# everything:
REJECT_ALL_INCOMING_CONNECTIONS="modem masq eth0"
By consequence, all traffic arriving on one of the specified interface
will get blocked, in particular dhcp packets arriving on eth0 (in case you
chose "all"). Use the interface name of your external interface to
re-enable your dhcp setup.
Thanks,
Roman.
--
- -
| Roman Drahtmüller