[Shorewall-newbies] Linksys router between cable modem and Linux
teastep at shorewall.net
Sat Mar 6 08:05:04 PST 2004
On Saturday 06 March 2004 05:45 am, Aubrey Kilpatrick wrote:
> Hi Tom,
> I am thinking about puting a "Linksys Etherfast Cable/DSL router" between
> my existing Linux router/firewall box and my cable modem.
> The existing Linux router/firewall (three nics with Shorewall) has been
> working with the cable modem perfectly and is not a problem.
What benefit to you expect from this setup? It isn't obvious to me but then I
haven't looked closely at these little routers.
> My question is will I have to make major changes to my Linux R/F box to put
> the Linksys router between the cable modem and the Linux box? Does anyone
> on the list presently have such a setup running?
This is an ideal application for the new bridging firewall code (see
http://www.shorewall.net/2.0/bridge.html). That would require quite a bit of
change though (including an upgrade to Shorewall 2.0.0-RC1 plus the bridging
components). Note that while the above URL only talks about a two-port
bridge, the bridging code supports an arbitrary number of ethernet ports as
does the Shorewall bridging support.
If you leave your current R/F as a router, the main changes will likely be to
your addressing. Since the R/F's external interface will have an RFC 1918
address (the Linksys does SNAT I believe), you will want to remove
'norfc1918' from your external interface entry in /etc/shorewall/interfaces.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies