From owner-freebsd-questions Mon May 15 1:38:43 2000 Delivered-To: freebsd-questions@freebsd.org Received: from laxmls01.socal.rr.com (laxmls01.socal.rr.com [24.30.163.10]) by hub.freebsd.org (Postfix) with ESMTP id B4BAC37B56B for ; Mon, 15 May 2000 01:38:37 -0700 (PDT) (envelope-from adampalitz@earthlink.net) Received: from adam ([24.24.254.146]) by laxmls01.socal.rr.com (Post.Office MTA v3.5.3 release 223 ID# 0-59787U250000L250000S0V35) with SMTP id com for ; Mon, 15 May 2000 01:38:36 -0700 Message-ID: <024101bfbe48$d10d5d60$92fe1818@socal.rr.com> From: "adam palitz" To: "free bsd questions" Subject: Date: Mon, 15 May 2000 01:37:34 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Grant it I dont know much about Nat...but what I do know (its a standard proxy program that tunnels local addresses inside global address) is that its not terribly suffisticated (neither is my spelling :) ) ...no rules, filtering, portblocking, logging...I should have realized though that you where going to run a firewall along with it on the same box (although you did mention only NAT)...but in either case I would still opt with an external modem for two reasons...first, you have only to worry about buying an inexpensive 10baseT card if for some reason BSD doesn't like the hardware...and secondly...you can take advantage of your ISP's DynIP policies (if the need ever arrised)....and ahh by the way...would you happen to know why my pointer looks like a big white block in X?... :-)...yes I'm sure you have arived at the conclusion (by looking at the above ramblings) that I'm not very safisticated when it comes to freebsd either. thanks Adam ----- Original Message ----- From: "Brennan W Stehling" To: "adam palitz" Cc: "free bsd questions" Sent: Monday, May 15, 2000 12:05 AM Subject: Re: Freebsd and ADSL > Why would running a DSL with NAT not be secure? I have ipnat doing > address translation for me to a 192.168 network with ipfw running on the > gateway box. I believe that is decently secure. > > Is it not? Or were you saying that plugging computers into the ethernet > ports of the DSL device directly? Now that would not be secure, unless > each machine was a firewall box I suppose. > > With my system there is a DSL box with 5 ethernet ports. I use one which > connects to one of the two ethernet cards in my FreeBSD box which is > acting as a gateway with ipnat. I then have a second ethernet card go out > to a 8 port hub which then allows me to connect 7 other computers with > 192.168.1.* addresses. And each one is then behind the ipfw firewall in > addition to having the 192.168 private addresses. > > I feel it is rather secure, although I have not really had someone audit > the system. As I learn more about ipfw rules I will get into the guts a > bit more. > > And maybe I will be able to get udp traffic to go through so I can watch > quicktime streaming properly on my iMac... :) > > Brennan Stehling - web developer and sys admin > projects: www.greasydaemon.com | www.onmilwaukee.com | www.sncalumni.com > > Microsoft: Will you get a macro virus today? > > On Sun, 14 May 2000, adam palitz wrote: > > > Umm...I believe thats the internal 3com dsl router ...and I would say absalutly don't buy that piece of crap and expect it to work with BSD...My friend had one that he wanted to use with W2k...and of course they didn't even have drivers for that (so I doubt even linux would be supported)...Also...check and see if your DSL provider offers multiple Dynamic IPS...usually the big telco ISP's do, and if so try to get an external modem, and a hub (you said you where going to use NAT, so I take it that your not to concerned about security)...I don't know what area your in, but where I'm from (Southern California) they offer all CPE for free...If I was you I would try to find the same deal...try to haggle a little...see if anything comes of it. > > > > adam > > ----- Original Message ----- > > From: Clay Smith > > To: freebsd-questions@FreeBSD.ORG > > Sent: Sunday, May 14, 2000 2:24 PM > > Subject: Freebsd and ADSL > > > > > > I'm getting ADSL in my home on Thursday and I'll be using my freebsd server with NAT to get my network on the internet just like I do now. The only problem is, I'm not getting a dsl modem from my telco, so I have to purchase one elsewhere. The best one I can find is an internal 3com PCI adsl ATU. Does anyone know if this is supported under Freebsd 4.0-Stable? If not, will it be if I upgrade to current? > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message