Date: Thu, 4 Dec 2003 15:05:16 -0600 From: Bryan Cassidy <b_cassidy@bellsouth.net> To: freebsd-questions@freebsd.org Subject: Re: Router question Message-ID: <20031204150516.14065bc0.b_cassidy@bellsouth.net> In-Reply-To: <3FCEED2A.5060103@mindcore.net> References: <20031203182121.0cf47a5c.b_cassidy@bellsouth.net> <3FCEED2A.5060103@mindcore.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Multipart=_Thu__4_Dec_2003_15_05_16_-0600_9mS1yISQb3pUZLL/ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I was able to put something together. Aother PC. I've attached a copy of the dmesg of the other machine I have. This would be the section of the handbook on setting another pc up as a router wouldnt it? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html I just want to start learning about this in the right areas to begin with. I've never really understood nat. Think maybe I should install FreeBSD 5.1 on the other machine or is 4.8 ok for this purpose even ok if I want to start doing more advanced network/security settings. Is there any advances on using 5.1 over 4.8 in this situation? So how would I go about setting this other machine up as a router? The PC I am using now is the one I like to do all my work on. I will have the other PC probable on the floor just below my main PC. I have an extra DSL cable. Plus what into what? Kinda confused here. I run these services on my box. Thanks for the help. Bryan CUPS Apache PHP COURIER-IMAP POSTFIX SquirrelMail On Thu, 04 Dec 2003 03:15:38 -0500 Scott W <wegster@mindcore.net> wrote: > Bryan Cassidy wrote: > > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >Hello everyone. Hows everyone doing tongith/today? Well, I'm taking a > >week off of work and thought I would read up on Security/Networking > >and anything else to do with making my system/webserver secure. I am > >going to Best Buy (ya i know, but it's the only computer related > >store in this shitty town so.) to buy a router and was just wanting > >to see what people could recommend on which ones are good. I've nver > >really gotten into this kinda thing before but want to learn. Will > >there be anything extra that I should get while I'm at the store? > >Cables etc? I only have one pc is there any point in having a router > >with one pc? Any links to how to set this up on FreeBSD? Thanks in > >advance.-----BEGIN PGP SIGNATURE----- > >Version: GnuPG v1.2.3 (FreeBSD) > > > >iD8DBQE/zn4Bm8uTTHnDH3ERAsR1AKDTzQHhzHV0ei2OevUSo0jzdksikACghTjr > >QGg8Wa7hgX1Dr4vTXGjgCo8= > >=LXnN > >-----END PGP SIGNATURE----- > >_______________________________________________ > >freebsd-questions@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >To unsubscribe, send any mail to > >"freebsd-questions-unsubscribe@freebsd.org" > > > > > > > If you've got only a single PC to connect, then the only reason for > wanting (not needing) a (presumably broadband) router is anything > fairly recent will do NAT (address translation, basically lets > 1 PC > share 1 public IP address). One of the 'side benefits' of NAT routers > is that they closes off connections initiated from the outside world > (the Net). Not that big of a deal with freeBSD, as the default > services running by default are pretty sensible (compared to past and > some current versions of Solaris, RedHat, SuSe etc etc), but this is > generally A Good Thing if you're running Windows at any point, or are > playing around with different services, as many of them have had > exploits in the past that script kiddies like to jump on. > > Of course, you can also turn your bsd system into a router by adding > another NIC, and then attaching a hub or switch to one NIC, and the > other to your DSL or cable modem... > > The disadvantage (serious annoyance IMHO) of 'hardware routers' > (opposed to software running on bsd or another *nix) is the general > lack of logging abilities. When I used to run several personal > domains, it was _amazing_ the number of portscans and IMAP and other > exploits that would be attempted on my systems. I personally like to > know what's being attempted against my systems, and most of the 'off > the shelf' routers from BestBuy, CompUSA etc are a far cry from Cisco > and others, who do run a 'real' (meaning user accessible) OS and can > handle logging as well as complex rules for port forwarding or > dropping routes.... > > As far as freebsd is concerned, if you do decide to get one for > whatever reason, the router is effectively dual homed, meaningin this > case, that it has an internal network IP (eg 192.168.1.254) as well as > an external IP which is what 'the world' sees, which is the IP > assigned to it via the cable/DSL modem/your ISP. You'll need to set > your 'internal' systems (your home PCs/systems) to have their default > gateway point to the internal IP of the router. That will be the case > regardless of whatever OS you run... > > Of course, even a 486 class system, with a minimal install of freebsd, > > with /usr mounted immutable, and a small hard drive, would make a > great router, and you could also play around with a remote log host > for logging, monitoring tools like logcheck, sentry, saint, and > others, as well as designating your own port forwarding and firewall > rulesets...if you decide to buy an 'off the shelf' router and still > want some sort of idea of who's trying to do what to your system(s), > you can port forward a 'popular' port (like IMAP/139, http/80, and/or > mail/25 to different ports on your local system and set things up to > only log the connection instead of running the actual services...... > > > Scott > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z6GMm8uTTHnDH3ERAm1MAJsF09ewS/A3s1U/VH2u6NbCJQzVZQCguGJh +CwTOovNglGX7qe10R1lfOk= =PwDF -----END PGP SIGNATURE----- --Multipart=_Thu__4_Dec_2003_15_05_16_-0600_9mS1yISQb3pUZLL/ Content-Type: application/octet-stream; name="typescript" Content-Disposition: attachment; filename="typescript" Content-Transfer-Encoding: base64 U2NyaXB0IHN0YXJ0ZWQgb24gVGh1IERlYyAgNCAxNDozMzo1MSAyMDAzCj4gZG1lc2cJDQ0KQ29w eXJpZ2h0IChjKSAxOTkyLTIwMDMgVGhlIEZyZWVCU0QgUHJvamVjdC4NCkNvcHlyaWdodCAoYykg MTk3OSwgMTk4MCwgMTk4MywgMTk4NiwgMTk4OCwgMTk4OSwgMTk5MSwgMTk5MiwgMTk5MywgMTk5 NA0KCVRoZSBSZWdlbnRzIG9mIHRoZSBVbml2ZXJzaXR5IG9mIENhbGlmb3JuaWEuIEFsbCByaWdo dHMgcmVzZXJ2ZWQuDQpGcmVlQlNEIDQuOC1SRUxFQVNFICMwOiBUaHUgQXByICAzIDEwOjUzOjM4 IEdNVCAyMDAzDQogICAgcm9vdEBmcmVlYnNkLXN0YWJsZS5zZW50ZXguY2E6L3Vzci9vYmovdXNy L3NyYy9zeXMvR0VORVJJQw0KVGltZWNvdW50ZXIgImk4MjU0IiAgZnJlcXVlbmN5IDExOTMxODIg SHoNCkNQVTogUGVudGl1bSBJSS9QZW50aXVtIElJIFhlb24vQ2VsZXJvbiAoNDMzLjM4LU1IeiA2 ODYtY2xhc3MgQ1BVKQ0KICBPcmlnaW4gPSAiR2VudWluZUludGVsIiAgSWQgPSAweDY2NSAgU3Rl cHBpbmcgPSA1DQogIEZlYXR1cmVzPTB4MTgzZjlmZjxGUFUsVk1FLERFLFBTRSxUU0MsTVNSLFBB RSxNQ0UsQ1g4LFNFUCxNVFJSLFBHRSxNQ0EsQ01PVixQQVQsUFNFMzYsTU1YLEZYU1I+DQpyZWFs IG1lbW9yeSAgPSAzMzEyODQ0ODAgKDMyMzUyMEsgYnl0ZXMpDQphdmFpbCBtZW1vcnkgPSAzMTY3 MjMyMDAgKDMwOTMwMEsgYnl0ZXMpDQpQcmVsb2FkZWQgZWxmIGtlcm5lbCAia2VybmVsIiBhdCAw eGMwNTFkMDAwLg0KUGVudGl1bSBQcm8gTVRSUiBzdXBwb3J0IGVuYWJsZWQNCm1kMDogTWFsbG9j IGRpc2sNClVzaW5nICRQSVIgdGFibGUsIDggZW50cmllcyBhdCAweGMwMGZkZGEwDQpucHgwOiA8 bWF0aCBwcm9jZXNzb3I+IG9uIG1vdGhlcmJvYXJkDQpucHgwOiBJTlQgMTYgaW50ZXJmYWNlDQpw Y2liMDogPEhvc3QgdG8gUENJIGJyaWRnZT4gb24gbW90aGVyYm9hcmQNCnBjaTA6IDxQQ0kgYnVz PiBvbiBwY2liMA0KYWdwMDogPFNJUyBHZW5lcmljIGhvc3QgdG8gUENJIGJyaWRnZT4gbWVtIDB4 ZTAwMDAwMDAtMHhlM2ZmZmZmZiBhdCBkZXZpY2UgMC4wIG9uIHBjaTANCmF0YXBjaTA6IDxTaVMg NTU5MSBBVEE2NiBjb250cm9sbGVyPiBwb3J0IDB4NDAwMC0weDQwMGYsMHgzNzQtMHgzNzcsMHgx NzAtMHgxNzcsMHgzZjQtMHgzZjcsMHgxZjAtMHgxZjcgaXJxIDE0IGF0IGRldmljZSAwLjEgb24g cGNpMA0KYXRhMDogYXQgMHgxZjAgaXJxIDE0IG9uIGF0YXBjaTANCmF0YTE6IGF0IDB4MTcwIGly cSAxNSBvbiBhdGFwY2kwDQppc2FiMDogPFNpUyA4NWM1MDMgUENJLUlTQSBicmlkZ2U+IGF0IGRl dmljZSAxLjAgb24gcGNpMA0KaXNhMDogPElTQSBidXM+IG9uIGlzYWIwDQpwY2kwOiA8dW5rbm93 biBjYXJkPiAodmVuZG9yPTB4MTAzOSwgZGV2PTB4MDAwOSkgYXQgMS4xDQpvaGNpMDogPFNpUyA1 NTcxIFVTQiBjb250cm9sbGVyPiBtZW0gMHhlNWEwMDAwMC0weGU1YTAwZmZmIGlycSA1IGF0IGRl dmljZSAxLjIgb24gcGNpMA0KdXNiMDogT0hDSSB2ZXJzaW9uIDEuMCwgbGVnYWN5IHN1cHBvcnQN CnVzYjA6IDxTaVMgNTU3MSBVU0IgY29udHJvbGxlcj4gb24gb2hjaTANCnVzYjA6IFVTQiByZXZp c2lvbiAxLjANCnVodWIwOiBTaVMgT0hDSSByb290IGh1YiwgY2xhc3MgOS8wLCByZXYgMS4wMC8x LjAwLCBhZGRyIDENCnVodWIwOiAyIHBvcnRzIHdpdGggMiByZW1vdmFibGUsIHNlbGYgcG93ZXJl ZA0KdWh1YjE6IFRleGFzIEluc3RydW1lbnRzIFVULVVTQjQxIGh1YiwgY2xhc3MgOS8wLCByZXYg MS4xMC8xLjEwLCBhZGRyIDINCnVodWIxOiA0IHBvcnRzIHdpdGggNCByZW1vdmFibGUsIGJ1cyBw b3dlcmVkDQp1a2JkMDogTWljcm9zb2Z0IE1pY3Jvc29mdCBOYXR1cmFsIEtleWJvYXJkIFBybywg cmV2IDEuMTAvMS4xMSwgYWRkciAzLCBpY2xhc3MgMy8xDQprYmQwIGF0IHVrYmQwDQp1aGlkMDog TWljcm9zb2Z0IE1pY3Jvc29mdCBOYXR1cmFsIEtleWJvYXJkIFBybywgcmV2IDEuMTAvMS4xMSwg YWRkciAzLCBpY2xhc3MgMy8wDQp1bXMwOiBNaWNyb3NvZnQgTWljcm9zb2Z0IFdoZWVsIE1vdXNl IE9wdGljYWxcTS0uLCByZXYgMS4xMC8xLjIxLCBhZGRyIDQsIGljbGFzcyAzLzENCnVtczA6IDMg YnV0dG9ucyBhbmQgWiBkaXIuDQpwY2liMjogPFBDSSB0byBQQ0kgYnJpZGdlICh2ZW5kb3I9MTAz OSBkZXZpY2U9MDAwMSk+IGF0IGRldmljZSAyLjAgb24gcGNpMA0KcGNpMTogPFBDSSBidXM+IG9u IHBjaWIyDQpwY2kxOiA8U2lTIDUzMC82MjAgU1ZHQSBjb250cm9sbGVyPiBhdCAwLjANCnhsMDog PDNDb20gM2M5MDBCLVRQTyBFdGhlcmxpbmsgWEw+IHBvcnQgMHhkMDAwLTB4ZDA3ZiBtZW0gMHhl NWEwMTAwMC0weGU1YTAxMDdmIGlycSAxMSBhdCBkZXZpY2UgOS4wIG9uIHBjaTANCnhsMDogRXRo ZXJuZXQgYWRkcmVzczogMDA6MDE6MDI6ODY6MmQ6Y2UNCnhsMDogc2VsZWN0aW5nIDEwYmFzZVQg dHJhbnNjZWl2ZXIsIGhhbGYgZHVwbGV4DQpwY2kwOiA8dW5rbm93biBjYXJkPiAodmVuZG9yPTB4 MTEwNSwgZGV2PTB4ODMwMCkgYXQgMTMuMCBpcnEgMTANCnBjaTA6IDx1bmtub3duIGNhcmQ+ICh2 ZW5kb3I9MHgxMjVkLCBkZXY9MHgxOTY5KSBhdCAxNS4wIGlycSAxMg0KcGNpMDogPHVua25vd24g Y2FyZD4gKHZlbmRvcj0weDExYzEsIGRldj0weDA0NDEpIGF0IDE3LjAgaXJxIDEwDQpwY2liMTog PFNpUyA1NTkxIGhvc3QgdG8gQUdQIGJyaWRnZT4gb24gbW90aGVyYm9hcmQNCnBjaTI6IDxQQ0kg YnVzPiBvbiBwY2liMQ0Kb3JtMDogPE9wdGlvbiBST00+IGF0IGlvbWVtIDB4YzAwMDAtMHhjN2Zm ZiBvbiBpc2EwDQpmZGMwOiA8TkVDIDcyMDY1QiBvciBjbG9uZT4gYXQgcG9ydCAweDNmMC0weDNm NSwweDNmNyBpcnEgNiBkcnEgMiBvbiBpc2EwDQpmZGMwOiBGSUZPIGVuYWJsZWQsIDggYnl0ZXMg dGhyZXNob2xkDQpmZDA6IDwxNDQwLUtCIDMuNSIgZHJpdmU+IG9uIGZkYzAgZHJpdmUgMA0KYXRr YmRjMDogPEtleWJvYXJkIGNvbnRyb2xsZXIgKGk4MDQyKT4gYXQgcG9ydCAweDYwLDB4NjQgb24g aXNhMA0KdmdhMDogPEdlbmVyaWMgSVNBIFZHQT4gYXQgcG9ydCAweDNjMC0weDNkZiBpb21lbSAw eGEwMDAwLTB4YmZmZmYgb24gaXNhMA0Kc2MwOiA8U3lzdGVtIGNvbnNvbGU+IGF0IGZsYWdzIDB4 MTAwIG9uIGlzYTANCnNjMDogVkdBIDwxNiB2aXJ0dWFsIGNvbnNvbGVzLCBmbGFncz0weDMwMD4N CnNpbzA6IGNvbmZpZ3VyZWQgaXJxIDQgbm90IGluIGJpdG1hcCBvZiBwcm9iZWQgaXJxcyAwDQpz aW8wIGF0IHBvcnQgMHgzZjgtMHgzZmYgaXJxIDQgZmxhZ3MgMHgxMCBvbiBpc2EwDQpzaW8wOiB0 eXBlIDgyNTANCnNpbzEgYXQgcG9ydCAweDJmOC0weDJmZiBpcnEgMyBvbiBpc2EwDQpzaW8xOiB0 eXBlIDE2NTUwQQ0KcHBjMDogPFBhcmFsbGVsIHBvcnQ+IGF0IHBvcnQgMHgzNzgtMHgzN2YgaXJx IDcgb24gaXNhMA0KcHBjMDogR2VuZXJpYyBjaGlwc2V0IChFUFAvTklCQkxFKSBpbiBDT01QQVRJ QkxFIG1vZGUNCnBsaXAwOiA8UExJUCBuZXR3b3JrIGludGVyZmFjZT4gb24gcHBidXMwDQpscHQw OiA8UHJpbnRlcj4gb24gcHBidXMwDQpscHQwOiBJbnRlcnJ1cHQtZHJpdmVuIHBvcnQNCnBwaTA6 IDxQYXJhbGxlbCBJL08+IG9uIHBwYnVzMA0KdXNiMDogc2NoZWR1bGluZyBvdmVycnVuDQp1c2Iw OiBzY2hlZHVsaW5nIG92ZXJydW4NCmFkMDogMTAzMDBNQiA8TWF4dG9yIDkxMDgwRDU+IFsyMDky OC8xNi82M10gYXQgYXRhMC1tYXN0ZXIgVURNQTMzDQphY2QwOiBEVkQtUk9NIDxDUkVBVElWRSBE VkQtUk9NIERWRDYyNDBFPiBhdCBhdGEwLXNsYXZlIFBJTzQNCmFjZDE6IENEUk9NIDxMVE4zMDE+ IGF0IGF0YTEtbWFzdGVyIFBJTzQNCmFjZDI6IENELVJXIDxSL1JXIDJ4MngyND4gYXQgYXRhMS1z bGF2ZSBQSU80DQpNb3VudGluZyByb290IGZyb20gdWZzOi9kZXYvYWQwczFhDQphZDA6IFdSSVRF IGNvbW1hbmQgdGltZW91dCB0YWc9MCBzZXJ2PTAgLSByZXNldHRpbmcNCmF0YTA6IHJlc2V0dGlu ZyBkZXZpY2VzIC4uIGRvbmUNCmFkMDogV1JJVEUgY29tbWFuZCB0aW1lb3V0IHRhZz0wIHNlcnY9 MCAtIHJlc2V0dGluZw0KYXRhMDogcmVzZXR0aW5nIGRldmljZXMgLi4gZG9uZQ0KYWQwOiBXUklU RSBjb21tYW5kIHRpbWVvdXQgdGFnPTAgc2Vydj0wIC0gcmVzZXR0aW5nDQphdGEwOiByZXNldHRp bmcgZGV2aWNlcyAuLiBkb25lDQphZDA6IFdSSVRFIGNvbW1hbmQgdGltZW91dCB0YWc9MCBzZXJ2 PTAgLSByZXNldHRpbmcNCmFkMDogdHJ5aW5nIGZhbGxiYWNrIHRvIFBJTyBtb2RlDQphdGEwOiBy ZXNldHRpbmcgZGV2aWNlcyAuLiBkb25lDQo+IGV4aXQNDQpleGl0DQoKU2NyaXB0IGRvbmUgb24g VGh1IERlYyAgNCAxNDozMzo1NSAyMDAzCg== --Multipart=_Thu__4_Dec_2003_15_05_16_-0600_9mS1yISQb3pUZLL/--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031204150516.14065bc0.b_cassidy>