l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2001 Dec 30 17:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linksys router (was: [vox] miracle on alvarado ave)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linksys router (was: [vox] miracle on alvarado ave)



On Sat, 15 Sep 2001, Foo Lim wrote:
> On Sat, 15 Sep 2001, ME wrote:
> > The firewall rules are *weak* [on the LinSys WAP/router/FW].
> >
> > TCP/IP implementation is not production quality (IMO, BYMMV).
> 
> Can you clarify how you came to these conclusions?  Was it the
> configuration options that made the rules weak?  Did you compare the
> TCP/IP implementation with benchmark loads?  A curious mind would like
> to know!  :)  TIA, FL

Here are a few items encountere with the original firmware. The frequecy
of events has decreased, but not gone away.

With linux you can do network layer redirection of traffic so incoming IP
addresses are passed i the packets to the destination redirection
host. This makes the log files for the said service on the destination
host look "right", while application layer redirection (which seems to be
what was used here) shows your connections all coming from the IP address
of the application layer redirector.

You have limited nubers of "checkboxes" to use for redirection of
services. Want more? too bad.

Funky incoming packets would kill the LinkSys. (Not something you want in
a firewall for a network.) Tihs did improve with later BIOS revisions, but
is not nearly as reliable as my Linux box with a hundred plus days of
uptime - only having been down for a kernel upgrade, or power failure.

You have checkboxes you can select or de-select items listed, but manual
control is really lacking when compared to linux.

There are other items, but these are the ones I can think of.

Te box works well for my needs. Wireless access in my house, but not
acting as my firewall - just acing as an access point and "secured" by
rules on a linux box's fwrules for a 4th interface.

Ca do more specifics with some time, but these are the ones that stand out
in my mind.

-ME



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!