Tim Writer wrote:

James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> writes:

...

Terry Tanski wrote:

...

Hi all, Anyone have any comments on the SMC Cable/DSL 4port router (SMC7004VBR)? How does it compare to the DLINK (604) or the LinkSys (SR41)? Does it have half-decent firewall capabilities?

...

Terry

I have the wireless version of that. It seems to be OK. What capabilities were you looking for?

Well, I worked on the wireless version for a while and was not at all impressed. The firewalling capabilities are only applicable to the Internet connection, i.e. you cannot firewall your wireless LAN from your traditional LAN. You can use MAC based ACLs to prevent wireless users from going out to the Internet but you can't stop them from accessing your wired LAN. You can also restrict wireless traffic but you can't implement a deny by default policy, i.e. you cannot deny everything except the few services you want to allow, you can only deny specific services.

The bottom line: as long as you're not using wireless and you're using NAT, it will give you a basic level of protection simply due to the use of private IPs with NAT. IOW, it's okay for a simple home setting but I wouldn't use it in a business setting.

I've got mine between my Linux firewall and cable modem. This way, the only way into my home network, is via CIPE VPN or SSH. Anyone wanting to access the internet will have to get past the 124 (actually 104) bit WEP, and yes I'm aware of it's weakness. It would be nice if you could turn around the firewall part of it, so that you could filter the wireless and plug the WAN side into the local network. -- The Toronto Linux Users Group. Meetings: http://tlug.ss.org TLUG requests: Linux topics, No HTML, wrap text below 80 columns How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml