From owner-freebsd-questions Tue Jan 25 14:40: 9 2000 Delivered-To: freebsd-questions@freebsd.org Received: from pogo.caustic.org (pogo.caustic.org [208.44.193.69]) by hub.freebsd.org (Postfix) with ESMTP id 8794715368 for ; Tue, 25 Jan 2000 14:40:02 -0800 (PST) (envelope-from jan@caustic.org) Received: from localhost (jan@localhost) by pogo.caustic.org (8.9.3/ignatz) with ESMTP id OAA02942; Tue, 25 Jan 2000 14:40:51 -0800 (PST) Date: Tue, 25 Jan 2000 14:40:51 -0800 (PST) From: "f.johan.beisser" To: William Woods Cc: freebsd-questions@FreeBSD.ORG Subject: Re: DSL natd rules.... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG i'd actually use the NAT box as a firewall, since it can do a bit more than cisco's IOS can.. on the other hand, depending on how much protection you really want or need, you might do the packetfiltering from the cisco anyway. IPFW or IPFilter are both really powerful tools in controlling the flow of data from one network to the other. you should check both out pretty extensivly. i've recently switched to IPFilter (it's slightly more powerful, IMHO). anyhow, that's my two cents. -- jan On Tue, 25 Jan 2000, William Woods wrote: > > so, questions: > > > > 1 - is the cisco going to firewall, or do you want the freebsd box to do > > it? > > The cisco will be a REAL BASIC firewall, blocking all smb from the outside so I > can run samba inside. > > > 2 - do you need to access the network from anywhere else? > > Nope > > I will re-read that page on natd also, thanks +-----// f. johan beisser //------------------------------+ email: jan[at]caustic.org web: http://www.caustic.org/~jan "knowledge is power. power corrupts. study hard, be evil." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message