|
As the perl motto goes, "There's more than one way to do it!" Firewalling can be done in such a way that it is transparent to the user and other components in the network. It really depends on the problem you are trying to solve. As mentioned before, we favor Layer 2 firewalls for internal use in environments where we need to have minimal impact on the users. As later chapters will show, it's not a one-size-fits-all process; there are times when using netfilter/ebtables will be the right solution, and other times when it would be better to use a netfilter/iptables as a Layer 3 device such as NAT, as the next chapter will discuss. |
|