On Tue, 17 Jul 2001, Julian Anastasov wrote:
> You are using too restrictive rules, do you really need them?
>
> The LVS users that use Linux 2.2 are not powered with such firewall
> rules but you can build secure setup even with simple rules. In some
> cases even without firewall rules :)
I've had and seen friend's machines cracked too often to want to deal with
want to error on the side of too restrictive and then open things as
needed. This machine will be my main firewall as well. I have a very small
setup, and lvs is probably overkill and I could probably do everything I
need with just iptables, but I wanted to start using it from the start.
So far, mixing realservers and plain workstations behind my
firewall/director works. Is there any good reason to add an eth2 and put
them on different subnets? I have around 10 machines including the
firewall, realservers and desktops.
thanks
-james
|