Iptables initialization

Bill's LFS Login lfsbill at nospam.dot
Sat Feb 14 09:16:12 PST 2004


On Sat, 14 Feb 2004, Dagmar d'Surreal wrote:

> On Fri, 2004-02-13 at 11:08, Bill's LFS Login wrote:
> > On Thu, 12 Feb 2004 ken_i_m at elegantinnovations.net wrote:
> >
> > > On Thu, Feb 12, 2004 at 07:32:11PM -0500, Archaic (archaic at indy.rr.com) wrote:
> > > ><snip>

> You'll be pleased to hear that some of the models Cisco has out for
> routing/filtering T1 lines only have 33Mhz CPUs in them, so give it a
> shot with the 66Mhz machine just filtering traffic and put the services
> on the 100Mhz machine box.  If at all possible you want the firewall to
> only be firewalling things, as this means there's going to be fewer
> avenues for failure or entry into the bastion host.

Thanks! I reply in "Gateway Box Iptables Overhead (was Re: Iptables
initialization)", since I add a little more of my reasons there.

-- 
NOTE: I'm on a new ISP, if I'm in your address book ...
Bill Maltby
lfsbillATearthlinkDOTnet
Fix line above & use it to mail me direct.



More information about the hlfs-dev mailing list