ML wrote:
> I have a Comcast business circuit with 13 IPs. The gateway device
> they provide is a 'pass through' device. They sent traffic for all 13
> IPs my way. It just allows traffic through. So if I put in a device
> to firewall (like IPCop or Vyatta or something) in front, say it has 3
> NICs, how do I do that?

If you're just interested in firewalling (i.e. not NAT or something) then you can put the firewall in transparent bridging mode.

> How fast does this device need to be?

Depends on your throughput, and conns/sec. I use a Soekris at home for my ~10-30Mbps Comcast line, that has a 500MHz AMD Geode, and usually sits at less than 1% CPU (though I don't use it too often). I have OpenBSD running on it in routed mode for firewall+NAT. I would wager anything in the last 5-6 years would be more than enough. A good NIC is important too.

Does Linux's firewall support even have stuff like stateful failover these days? I've been using OpenBSD (vs Linux at least) since 2004 for any firewalls that I deemed "serious", FreeBSD before that. I hate *BSD user land stuff, but I do like pf.

nate