I am using linux iptables (NAT) with no special config and have no problems losing chat channels.... About to gank the damn thing in favor of a linux based firewall...
I am using linux iptables (NAT) with no special config and have no problems losing chat channels.... About to gank the damn thing in favor of a linux based firewall...
I'm not a linux guy so I don't really understand what "linux iptables" are or how they are implemented. Are you suggesting that I could implement a software firewall on a linux box as an alternative to the SOHO hardware firewall?
I'm all ears. I don't know linux, but I'm a software guy and I build all of my own PCs on my LAN so I'm not averse to attempting to learn something new, particularly something as topically interesting as linux (although, truth be told, I am a Wintel chauvinist, largely on practical grounds).
Perhaps this will provide the impetus I've needed to get me to take a closer look...
Bob
Hi Bob,
The brief explanation is, Linux (the kernel) contains a feature called Netfilter. Netfilter is a stateful packet inspector (this is a short description) The user-space command to interface with the Netfilter is called 'iptables'.
There are many many software packages available to make configuring and setting up a Linux Netfilter based firewall. Some even look exactly like FW1. I would recomend searching google to get a more detailed description of all this. If you want one of the nice software packages, check out http://freshmeat.net you will be able to find them all indexed there.
When it comes to being practical, you'll never beat a Linux firewall, in terms of cost, both up front and back end.
fee
Ok, I'm willing to take a look at alternatives. In addition to potentially solving my EQ chat problem, this quest has the advantage of introducing me to the world of linux, something I should be exploring on general principles.
If I understand correctly, I could build a box out of the many spare components that I've got lyring around the house, set it up as a linux box, buy some additional software and set this up as a secure alternative to my hardware-based SOHO firewall. This is obviously not the place for this discussion, I'll go find a relevant newsgroup, but before I start the quest, I want to know if some of my basic starting assumptions are correct.
Will this take care of all port forwarding and routing that I'm currently doing with my SOHO firewall? I have my own domain and run my own Exchange mail server at my site and my one static ip points to my SOHO, which in turn forwards all incoming mail (or whatever) to the appropriate machine NAT'd internally. I assume I'll continue to be able to do this? Will I be able to support a DMZ where I can place a dedicated game server (e.g., Battlefield 1942 or NWN)? I can't currently do this with the SOHO2.
I'll take a look at the site you mentioned. What software, at a minimum, will I need to get going and which linux do you recommend to a Windows junkie who's done more than his share of C programming in a bourne shell, but long, long ago...
Many thanks, and apologies to the audience if this is getting too far off-topic.
Bob
there is no buy, its all free and part of the linux kernel itself. mandrake or redhat are notoriously easy for beginners.
I have a Linux firewall running Checkpoint. I also found that chat will stop working after a while but it was because of Checkpoint's UDP Virtual Session Timeout value set too low. Once I increased the value, Checkpoint stopped messing with my /chat sessions. I don't know if similar firewalls do the same thing. I know ipchains doesnt.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote