On 2019-02-02 11:35 p.m., Toshi Esumi wrote:
On 2/2/19 1:28 PM, Dave Howorth wrote:
Most of my home security depends on my ADSL router and especially on the NAT it provides.
Setting a proper FW at the entry point is the most effective way. That's why it's called a FireWall -- peaceful world inside of it whatever you have inside. My suggestion is:
1) find a proper FW that suits your need, satisfaction and budget, either a PC/server based (of course with two NICs:inside and outside) or a dedicated box/chassis based (always come with 2+ interfaces for both sides), and hopefully coming with a subscription to update virus/malware/etc. signature database as soon as possible. In other words, look for a business class FW targeted at home offices.
2) Put your vendor ADSL router/modem in modem/bridge mode, so that the FW in 1) behind the vendor modem can handle NAT/VIP and all other firewalling needs.
Of course many modern cane/fibre/pair routers are so sophisticated now, they include a firewall, packet filtering and more. And you don't need leading edge technology; I have five year old or more equipment that does that. And then there is always the DD-RT and the OpenWRT projects, and you'll have, at the very least, iptables capability. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org