I have my firewall up and running. It's a bridging firewall, so I had
to do the WAN -> OPT1 setup and let LAN dangle.
I have a Soekris board with two ethernet ports and a PCMCIA card slot.
I could not find a ethernet card that would work in the slot, so I
stuck a wireless card in there. I set the LAN IP to 0.0.0.0 and gave
it some bogus BSS info. I setup the WAN bridged with OPT1. Enabled
the bridge filtering, turned off NAT, turn off all the other stuff.
Then I setup my rules to block everything and allow only the ports I
wanted. Blocked outgoing SMTP except to my mail server (thwart those
dam spam viruses). Opened up a big block if ports for vid'ea games,
for my customers.
Works great! I can use my entire public C class now instead of NAT and
one IP. I can blocks the ports I want to block, allows the ports I want
to allow, and it has a nice traffic graph to boot. I see now that I
need to get another T1 as I'm reaching 1.5MB on my single T1.
I'm happy to get m0n0wall working on my firewall. Sad that I can't use
it for my Wireless Access Points, but hey...can't have everything. If
I can get rid of the wireless card it would be perfect!