proxies and firewalls
Jorn Argelo
jorn at wcborstel.nl
Mon Feb 2 10:30:15 PST 2004
On Monday 02 February 2004 19:04, you wrote:
> Thanks for the detailed explanation.
> The light bulb has turned on in my head.
> I learn something new all the time on this list.
>
> So let me put this in my own words to verify I understand correctly.
> Lets say I have gateway box running 5 PCs on LAN behind it,
> with cable dhcp connection to ISP.
> The gateway box runs IPFILTER firewall and IPNAT to do NAT function.
>
> I can discontinue using IPNAT and install an application level proxy
> server on my gateway box and it will by default intercept all LAN
> and gateway originating packet traffic destine for the public
> internet after it's processed by my firewall and handle the
> bi-directional traffic transparently?
Well, at home I'm using both NAT and a proxy server, but that's because I
can't play some online games by means of the proxy server, and the MSN
clients are refusing to work my proxy server as well, but for browsing all
four the computers are using the proxy server. I'm not running a firewall,
because the proxy server provides decent security for home use here. All the
ports are closed except those which are needed. (Webserver, Mail server etc)
If you're at a small company then the current situation you describe seems
just fine to me. If you're at home then you can use this as well, but if you
got a gamer at home he isn't going to be happy since you can't really use a
proxy for online gaming. So it depends a bit....
Hope this helped a bit.
Cheers,
Jorn
More information about the freebsd-questions
mailing list