On Wed, Aug 22, 2001 at 08:56:25PM -0700, Asher Densmore-Lynn wrote: > At 08:08 PM 8/22/01 -0500, you wrote: > > >"Wrong" answer? Er, this list is called debian *firewall*. If you > >can explain to me how a machine with only one nic running ipmasq can > >properly function as a firewall, I'll consider accepting your > >criticism that my answer was "wrong". > > It's got a NIC and then it's running pppd over a modem or serial port, > providing null-modem or dialup access? > > (: > > But that's probably cheating. No, that's perfectly acceptable. It's also completely unrelated to the post that started this thread :) Think about it though ... ppp0 is an interface. Same with SLIP or PLIP. When you have two interfaces, your box is now a router, and since all traffic in or out has to pass through you've got a firewall (it's still up to you to configure effective firewall rules.) One network interface using IP aliasing and ipmasq provides no security at all. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:nnorman@micromuse.com | -- Patton
Attachment:
pgpwkqSi42N9P.pgp
Description: PGP signature