[TCLUG] To firewall or not to firewall...

[Callum Lerwick]

> This is not alltogether bad, but the side affect is that any
> additional filtering of traffic to the web server must be accomplished
> through the DSL modem.  This modem has a grand total of 10 filter
> rules.  If you have only one static IP address allocated to you, then
> you are forced to deal with the Cisco's NAT.

One thing to think about is logging. Personally, I log all rejected
packets. Last I checked, cheapie dedicated firewall boxen can't log...