Re: 56k dial up on laptop 802.11G ?

Duane Arnold <Notme@xxxxxxxxx> wrote:
>Floyd L. Davidson wrote:
>> http://www.linuxhelp.net/guides/iptables/
>>
>> Suggests otherwise.
>
>What does IPtables have to do with the out of the box firmware of a WRT54G
>NAT router? OH, could it be that you're talking about firmware that is not
>the out of the box firmware?

You didn't know that the WRT54G comes with iptables??? Out of
the box! Every time...

>What does IPtables have to do with the out of the box firmware of a WRT54G
>NAT router? OH, could it be that you're talking about firmware that is not
>the out of the box firmware?

I am talking out of the box...

>traditional sense. And you'll notice even then I was not calling the 54G a
>something that was running *true* FW software.

You were entirely wrong then, and don't seem to know much about
Linux or the WRT54G as a firewall now either.

>So somehow you're going to tell me that NAT and SPI is a total FW solution
>right and NAT is FW software.

Have I said the definition of a firewall you posted was not
good??? No... but you have yet to point out any way in which
the WRT54G does *not* fit that definition precisely.

>> http://dmiessler.com/study/iptables/
>
>What does IPtables have to do with the out of the box firmware of a WRT54G
>NAT router? OH, could it be that you're talking about firmware that is not
>the out of the box firmware?

The Linksys firmware uses iptables. Out of the box...

>I read the user manual for the Linksys WRT54G about its FW cababilities the

I haven't claimed that the Linksys documentation was good.

>> Read the man page for /iptables/, which configures the kernel
>> firewall functionality.
>
>What does IPtables have to do with the out of the box firmware of a WRT54G
>NAT router? OH, could it be that you're talking about firmware that is not
>the out of the box firmware?

Could it be that I actually know what the Linksys firmware does?
Hmmm...

>>>The software FW running on Suse Linux and the firmware running on the 54G
>>>even though they are Linux solutions are not the same thing.
>>
>> They are *identical*.
>
>What does IPtables have to do with the out of the box firmware of a WRT54G
>NAT router? OH, could it be that you're talking about firmware that is not
>the out of the box firmware?

Hmmm... cluelessness?

>> And just what comparisons can you draw from "your" Watchguard
>> running Linux compared to other equipment (also running Linix).
>> Does your particular Watchguard use iptables?
>
>What are you talking about here? How in the HELL did this conversation turn
>from a WRT54G NAT router and its firmware out of the box to a WRT54G is now
>running iptables? And I what does iptables have to do with the WG that I am
>using. I could care less about the WG using iptables. I could care less
>about it using Linux as far as that is concerned. As long is the WG is
>doing what I am asking it to do with the ability to set the rules I need
>and it's other abilities, I could care less about it. It could be the
>Mickey Mouse kernel I could care less about it. :)

These various parts of this conversation are what *you* brought
up, not me. The odd thing is that you don't seem to actually
know anything about the relationship between them.

>>>When I port forward 80 to an IP/machine behind the Watchguard that has a
>>>Web server running, I am insured that only HTTP traffic comes down that
>>>port or if it was 20 and 21 that only FTP traffic comes down the ports,
>>>dropping all other traffic that tries to come down the ports, as an
>>>example.
>>
>> In fact I don't think that is true. But to whatever degree it
>> is true, the *exact* same functionality is available to the
>> WRT54G via iptables as is available to your Watchguard. In any
>> case I don't think it is examining the *data* load of a packet
>> and trying parse whether it is indeed valid for any given
>> protocol.
>
>Well you're wrong about it and I am going to go with what I have been told
>by others who are *FW experts*, which you have indicated that you're not
>one and they do make a living at and I suspect know more than you or I
>about it.

Ask them then. (I'm not guessing, BTW.)

>> So you actually think that iptables cannot do the same things?
>
>What are you talking about here? I looked at the user manual for the WRT54G
>as it comes right out of the box. You show me where it's doing the above.
>OH, could it be that you're talking about firmware that is not the out of
>the box firmware?

The firmware out of the box has that capability; however, I
don't have any problem at all with using third party firmware
which provides a better interface to the already existing
firewall capability.

>> How does tht apply to our conversation about the firewall provided
>> by Linux?
>>
>How did the conversation period come away from the firmware that comes with
>the WRT545G NAT router out of the box? OH, could it be that you're talking
>about firmware that is not the out of the box firmware?

Could it be that you injected it, under the false assumption
that it was going to make your point?

>>>Again a NAT router is a border device and is good in the protection for
>>>the average home user; until high risk things are done with the router
>>>then all bets are off.
>>
>> But NAT is not the only facility provide, right?
>
>Yeah my WG uses NAT too. So what?
>
>It's just like anyting else, software can be implemented in a device to
>enhance its abilities. The firmware that comes with the Linksys Wrt54g out
>of the box doesn't meet the specs for something that's running FW software,

Except that it does.

>which is what I am talking about. I do know that the 54g has some 3rd party
>firmware solutions that can be implemented that's apparently using iptables
>and I am happy for you.

I see no problem with recommending that people purchase a WRT54G
with the intent to upgrade to a third party firmware release.
It is *not* some giant technical chasm that only some can leap.

>And I doubt that the 3rd party firmware that's running on the 54g using
>iptables can match the abilities of my low-end WG firewall appliance or a
>high-end one that cost thousands of dollars.

Actually, in some cases it may be significantly better, the same, or
perhaps only equal.

>And most devices such as routers and FW appliances run Linux.

And what you haven't yet understood is that they *all* use the
same firewall modules.

>Definitions of IPtables on the Web:
>
>The Linux *packet filtering* tool that is used by SmoothWall to provide
>firewalling capabilities. Top
>www.smoothwall.net/support/glossary.html
>
>In computer networking, netfilter, along with its companion iptables, are
>collectively a software extension to the Linux operating system that
>implements a stateful firewall framework. It also enables other networking
>features such as network address translation (NAT). Although netfilter is
>an extension to Linux, it is included in all major Linux distributions that
>use the 2.4 or 2.6 kernel. Netfilter does not work with Linux kernels older
>than version 2.4.
>en.wikipedia.org/wiki/Iptables
>
>Or you can go read the information in the link I provided, which is snipped
>below and packet filters has strength and weakness. I am able to make the
>adjustments and understand the differences between a packet filtering NAT
>router and a FW appliance.

So?

Your generic descriptions are useful for a generic
understanding, which you do appear to have.

Specific equipment, however, requires specific knowledge.

--
Floyd L. Davidson <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska) floyd@xxxxxxxxxx
.

Relevant Pages

  • Re: 56k dial up on laptop 802.11G ?
    ... >>WRT54G NAT router? ... could it be that you're talking about firmware ... > You didn't know that the WRT54G comes with iptables??? ...
    (alt.internet.wireless)
  • Re: Linksys WRT54G and 54GS versions 5 and versions 6
    ... He's using old firmware. ... linksys switched to a different operating system -- VxWorks. ... The V5 and V6 router are also somewhat different hardware. ... my neighbor is running a WRT54G v5 using the Linksys ...
    (alt.internet.wireless)
  • Re: Networking (File Sharing) Problems
    ... There's a later version of the firmware available on the Linksys web ... You're WRT54G isn't up to date and your Windoze XP Pro is ... What happens when you take the wireless out of the picture ...
    (alt.internet.wireless)
  • Re: [SLE] WRT54G wireless woes
    ... get one as a solution to the ongoing USB wireless woes ... So I got the WRT54G, ... stuff with the firmware. ... > This email was sent from Reliable Networks of Maine ...
    (SuSE)
  • Re: Can excessive downloading mess up the router?
    ... Linksys apparently went to the lowest bidder for the>latest round of WRT54G hardware mutations. ... Instead of the>evolutionary, Linux based, time test, and debugged firmware, they went>to a totally new vendor that scribbled something different in VxWorks. ... > fundamentalism, fundamentally wrong. ...
    (alt.internet.wireless)