View Single Post
  #7   (View Single Post)  
Old 10th February 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

As you have "proved" through your test -- NAT alone provides some firewall-like capabilities, all by itself.

But NAT does not provide traffic shaping, traffic overload protection, program controlled redirection, or any of the other myriad capabilities of a program controlled router that acts as a firewall. If none of those advanced capabilities are of value to you, then using OpenBSD as a firewalling router might not be of value to you.

But in your test, OpenBSD was an end-use computer, not a router. You were merely proving to yourself that NAT acts as a limited capability firewall. You were testing your NAT router, not OpenBSD, and your test was not evaluating OpenBSD at all.
Reply With Quote