| View previous topic :: View next topic |
| Author |
Message |
dustfinger
Guru
Joined: 15 Aug 2004
Posts: 449
|
 Posted: Sat May 19, 2007 8:51 pm Post subject: web server on a home gateway/firewall - bad idea? [SOLVED] |
 |
|
I am going to install gentoo and setup a webserver. I already have a D-Link wireless router. I have password protected/encrypted wireless access. I am considering making the server a gateway/firewall as well.
Questions:
1. Is it a bad idea to run a webserver on a home gateway/firewall gentoo box?
2. Considering that I have a D-Link Router is it even worth my time to setup a gateway/firewall?
Network Plan:
| internet |=====| cable modem |===| gentoo box (gateway/firewall/web server) |===| D-Link Router |===| Intranet |
dustfinger.
_________________
Unanswered Post Initiative:
https://forums.gentoo.org/viewtopic.php?t=119906
Last edited by dustfinger on Tue Jun 05, 2007 2:26 am; edited 1 time in total |
|
| Back to top |
|
 |
RayDude
Advocate
Joined: 29 May 2004
Posts: 2107
Location: San Jose, CA
|
| Posted: Sat May 19, 2007 9:06 pm Post subject: Re: web server on a home gateway/firewall - bad idea? |
|
|
| dustfinger wrote: | I am going to install gentoo and setup a webserver. I already have a D-Link wireless router. I have password protected/encrypted wireless access. I am considering making the server a gateway/firewall as well.
Questions:
1. Is it a bad idea to run a webserver on a home gateway/firewall gentoo box?
2. Considering that I have a D-Link Router is it even worth my time to setup a gateway/firewall?
Network Plan:
| internet |=====| cable modem |===| gentoo box (gateway/firewall/web server) |===| D-Link Router |===| Intranet |
dustfinger. |
1. No. I run my domain off my DSL connection. Its slow but works great and saves me $50.00 / month and I get unlimited disk space (what ever I can slap in the machine.
2. No. I have a DLink Wireless router acting as my firewall and its completely safe. Just make sure to deny all port access (default) except what you need, like http, ftp, email, etc.
However, my configuration is like this:
Internet <--> DSL Modem <--> Dlink Wireless Router <--> Gentoo box with Apache, sendmail, etc.
My gentoo box is on my intranet and I have the Dlink router set up to port forward http, mail, ftp, etc to my gentoo box who lives at 192.168.0.1, my dlink is at 192.168.0.254 and I use WPA PSK as my wireless encryption to keep the neighbors honest.
One thing: Most cable companies will be very upset to find a person hosting stuff on his cable modem. I know that Comcast has rules about that and I believe they will cut you off if they find out you're doing it.
That being said, as long as you don't host Pr0n, MP3s or Movies on it, I doubt they'll find out.
Good luck and feel free to ask questions.
Raydude
_________________
Some day there will only be free software. |
|
| Back to top |
|
|
xanas3712
Guru
Joined: 15 Oct 2004
Posts: 455
|
| Posted: Sun May 20, 2007 6:09 am Post subject: |
|
|
my question however would be, is it possible that a gentoo system used as a gateway/router might be superior to a dlink router? I have a dlink router (wired) currently, but it works very poorly with Command & Conquer 3 (I blame this partly on the game since other games lack the issue) unless I use DMZ on the computer I want to play with. If I want to have 2 computers playing online at once I'm out of luck at the moment because it works very intermittently.
Is it possible that using a gentoo system as a router I could get more reliable performance?
I guess I'm going to end up trying either way but I'm curious if someone else might have words on whether it's possible that this could be the case. |
|
| Back to top |
|
|
bunder
Bodhisattva
Joined: 10 Apr 2004
Posts: 5947
|
| Posted: Sun May 20, 2007 10:13 am Post subject: |
|
|
i find computer-based routers have more throughput than cheap hardware-routers.
and as for having apache on a router, sure, why not... ipcop/smoothwall/pfsense/m0n0wall all have them, just keep them secure and on a non-standard port and you should be fine.
cheers
_________________
| Neddyseagoon wrote: | | The problem with leaving is that you can only do it once and it reduces your influence. |
banned from #gentoo since sept 2017 |
|
| Back to top |
|
|
RayDude
Advocate
Joined: 29 May 2004
Posts: 2107
Location: San Jose, CA
|
| Posted: Sun May 20, 2007 11:04 am Post subject: |
|
|
In order to get my Dlink router stable I had to install old firmware and turn off most spurious features, (like micro PNP for example). I got that info from Dlink when I called to complain that it was rebooting itself regularly.
Now it never crashes. I reset it and my modem once a week to insure that DSL stays clean...
If I leave it on for more than a few weeks it will crash. But that's the modems fault, not the router.
And I think a linux box would be a better gateway than the dlink wireless router, but I also think its overkill. Just use good passwords and the two or three hack attempts you get per day will never succeed.
Raydude
_________________
Some day there will only be free software. |
|
| Back to top |
|
|
|
Networking & Security
