[Fwd: Re: [UFO Chicago] NAT and port filtering]

Larry Garfield larry@garfieldtech.com
Tue, 28 Jan 2003 14:00:18 -0600


And I really hate the lack of a Reply-To: list header on this list. :-)

-------- Original Message --------

Robert B. Moses wrote:
> Thank for refreshing the principle of this issue. I think I'll have to 
> experiment a litte. If anyone is interested the culprit in question is 
> Netgear's RT314 Internet Gateway Router w/4 port switch.
>  From what I can tell it has some nice features: filtering of TCP/UDP as 
> well as generic filters based on byte patterns of the packet (hmm that 
> sounds closer to SPI...)

FWIW, I have the Linksys equivalent, plus WiFi AP.  It has a web front
end on it.  By default it drops any incoming requests, unless I
explicitly specify a routing for given protocol/port (eg, TCP port 80
redirect to 192.168.1.12).  If I do nothing to it, then it automatically
is a client only setup.  It does let FTP through both ways (if I
initiate it) without me doing anything.

I hate to sound like the anoying kid in the back of the room, but try
just plugging it in and see what the defaults are.  It's a good bed that
the default config for a turnkey router is exactly what you're looking
for (multiple clients, no servers, no questions asked).

-- 
Larry Garfield			AIM: LOLG42
larry@garfieldtech.com		ICQ: 6817012

"The world's most dangerous terrorist is at large in the US.  He has his
sights set on making the entire American population cower in fear.  He
has ordered his people to assassinate American citizens.  Do you know
him?  His name is George W. Bush."