Linux Box as Firewall or ADSL Router?

I am looking for opinions.

I have a SOHO and have set it up with an old box (PIII 500MHz) as
a firewall. This box has;
Linux 2.4.22, LFS distribution, Shorewall scripts (yummy).
Two NICS (red and green)

The red NIC is attached to an ADSL router (D-Link DSL-504)
The green NIC is attached to a switch for the internal network.

The ADSL router has some firewall facilities.

I have the D-Link re-directing port 80 to a box on my internal network that
acts as a webserver.

Now I am short a box, I am trying to upgrade the box I use as the
webserver to 2.6.1 and I am having some problems with needing to reboot
and the odd lock up.

Would I loose much security by just using the firewall on the D-Link
router and stealing the Linux box to use as a server while I am fiddling
with the other one?

I think I may have made things overly complicated, but before I had the
ADSL router, I just had a dialup per modem to the Internet and I used
the Linux firewall to share the connection (slow as it was). The
smallest change I could have made was just to change the dialup
connection per modem for the ADSL router as I had an old NIC lying
around.

Adrian
--
I hate spam
reverse the last bit to repond personally: aireland atya net : eircom

Adrian P. Ireland wrote:
> I am looking for opinions.
[...]
> The ADSL router has some firewall facilities.
>
> I have the D-Link re-directing port 80 to a box on my internal network that
> acts as a webserver.
[...]
> Would I loose much security by just using the firewall on the D-Link
> router and stealing the Linux box to use as a server while I am fiddling
> with the other one?

If You say that Your D-Link does have "firewall facilities", You should
be able to configure it according to Your needs.

If You only run the web server on that second box, this is like "safe
enough", although You should definately check that (nmap, lsof ...).

Anyways, to have one Linux box as a dedicated firewall provides You
with more flexibility and logging etc., but - although I don't know
about Your specific device - those D-Link and other things should
work just fine. Personally, I have to admit, I feel better with linux,
too.


Cheers, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...