DaemonForums  

Go Back   DaemonForums > Miscellaneous > General software and network

General software and network General OS-independent software and network questions, X11, MTA, routing, etc.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

And what if your stupid and annoying modem, which acts as a gateway/router, has its own inane firewall on it? And it doesn't offer any option to turn it off.

I would love to replace it with a *BSD box or just place *BSD on the modem/router -- but I can't see how to do that with the way my ISP handles stuff.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #2   (View Single Post)  
Old 21st January 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

That probably needs its own thread, JMJ. But I'd say replacement connectivity is certainly possible. Whether you can accomplish it will depend on the type of connection you have with your ISP, which is hardware, and the telecommunications regulations in your country, which is not.
Reply With Quote
  #3   (View Single Post)  
Old 21st January 2009
guitarscn guitarscn is offline
Package Pilot
 
Join Date: Oct 2008
Posts: 166
Default

Quote:
Originally Posted by JMJ_coder View Post
And what if your stupid and annoying modem, which acts as a gateway/router, has its own inane firewall on it? And it doesn't offer any option to turn it off.

I would love to replace it with a *BSD box or just place *BSD on the modem/router -- but I can't see how to do that with the way my ISP handles stuff.
If you're talking about FiOS (which is the service I have), I think you can turn the the modem/router/firewall into a bridge without changing firmware or anything so that you can use your own hardware instead, but I'm not 100% sure on that
Reply With Quote
  #4   (View Single Post)  
Old 21st January 2009
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Default

I let my dsl router firewall stay on... just no rules to filter on
__________________
Network Firefighter
Reply With Quote
  #5   (View Single Post)  
Old 22nd January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by guitarscn View Post
If you're talking about FiOS (which is the service I have), I think you can turn the the modem/router/firewall into a bridge without changing firmware or anything so that you can use your own hardware instead, but I'm not 100% sure on that
No, I don't use Verizion. I have AT&T and their 2701HG-B 2wire gateway.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #6   (View Single Post)  
Old 22nd January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by ai-danno View Post
I let my dsl router firewall stay on... just no rules to filter on
On mine, it lets nothing pass by default. You have to select what you will allow to pass through -- and the possible options are limited.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #7   (View Single Post)  
Old 22nd January 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

In the US, you are not restricted to using what the Telcos lease to you. So you should be able to hook up any compatible ADSL modem replacement, if necessary, if you are unable to configure the ADSL modem/router into something more appropriate to your needs.
Reply With Quote
  #8   (View Single Post)  
Old 22nd January 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

A couple years ago I had ADSL, the company went bankrupt and finally I settled on cable.. and I've never looked back.

Neither of my modems have had any sort of "Web configuration" functionality, so, I can't relate.. but it would be quite frustrating to have a "pseudo-firewall" forced upon you.

If you log into this router, can you find any setting labelled DMZ? that would allow you to pass all traffic to a system running *BSD+pf.

Sorry..
Reply With Quote
  #9   (View Single Post)  
Old 22nd January 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Default

Quote:
Originally Posted by BSDfan666 View Post
A couple years ago I had ADSL, the company went bankrupt and finally I settled on cable.. and I've never looked back.

Neither of my modems have had any sort of "Web configuration" functionality, so, I can't relate.. but it would be quite frustrating to have a "pseudo-firewall" forced upon you.

If you log into this router, can you find any setting labelled DMZ? that would allow you to pass all traffic to a system running *BSD+pf.

Sorry..
It does offer DMZ, but it will then only forward everything to a single host -- and I don't have a single host that physically has enough network connections to service the rest of the network. I have on my network 2 desktops, 1 laptop which uses both wired and wireless connection, and potentially a new networked printer (I'm waiting for better sale prices). None of those setups has more than one ethernet port.

Having poured over internet e-testimonials, looking at what (pitifully limited) documentation is provided from AT&T, playing around with the online modem configuration, I think that there is not an ideal solution to my setup. I can sidestep the modem's inanity to do what I need at a minimum to be done, but it's not all that pretty.

An ideal solution would most likely entail me buying some new equipment (like a nice sokeris computer) or extending one of my desktops (i.e., get a couple extra NIC cards). It's fun getting new stuff, but it's not fun having to pay for it (especially since I just gave all my money to the University).
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 30th January 2009
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Default

Quote:
Originally Posted by JMJ_coder View Post
On mine, it lets nothing pass by default. You have to select what you will allow to pass through -- and the possible options are limited.
Does your router have IP-passthrough (or similarly-named) functionality? This would allow a complete bypass of all traffic to your new firewall.
__________________
Network Firefighter
Reply With Quote
Old 30th January 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

Quote:
Originally Posted by ai-danno View Post
Does your router have IP-passthrough (or similarly-named) functionality? This would allow a complete bypass of all traffic to your new firewall.
You skipped my post eh?

http://en.wikipedia.org/wiki/DMZ_(computing)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PF firewall bsdnewbie999 OpenBSD General 3 28th April 2009 12:35 PM
how to configure ipfw with 4 modems??? m4st3rcr4zy FreeBSD General 0 13th February 2009 06:26 AM
Firewall routing Magoo FreeBSD General 9 4th November 2008 04:39 PM
Windows Firewall JMJ_coder Other OS 8 20th July 2008 08:22 PM
Web GUI for firewall ? giga FreeBSD General 6 8th May 2008 05:10 AM


All times are GMT. The time now is 06:33 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick