I just had a quick connection and setup question. My setup is as follows:
Modem -> AC Router -> Computers (1 Windows box, one Opensuse box). Each machine is connected to the router via ethernet. I have the hardware firewall on the router, but do I really need the Windows and OpenSUSE software firewalls active as well? Also, I normally run an IP filter on my windows box, but the setup is far more complex to do so on the OpenSUSE machine. Will the IP filtering service run on the windows box stop incoming connections on the OpenSUSE machine as well, or is it machine independent?
Example - The OpenSUSE machine plays a retro game that features direct IP connection. The windows client is running a filtering service that stops all incoming connections through specific ranges of IP addresses. Will the incoming connection to the game connect?
> I have the hardware
> firewall on the router, but do I really need the Windows and OpenSUSE
> software firewalls active as well?
This would be considered a best practice. That way, if someone
compromised your firewall (which can and does happen), your machines
still have a layer of protection. Layered protection is considered a
best practice.
> Also, I normally run an IP filter on
> my windows box, but the setup is far more complex to do so on the
> OpenSUSE machine. Will the IP filtering service run on the windows box
> stop incoming connections on the OpenSUSE machine as well, or is it
> machine independent?
Unless the Windows box is also routing, no, it wouldn’t affect
connections to anything other than itself.
> Example - The OpenSUSE machine plays a retro game that features direct
> IP connection. The windows client is running a filtering service that
> stops all incoming connections through specific ranges of IP addresses.
> Will the incoming connection to the game connect?
As long as the Windows box is not in the route, the game will connect -
also as long as the port forwarding is configured on your router properly.
ie, if the incoming connection /doesn’t/ connect, it’s not the Windows
box that’s preventing it, it’s the router’s port forwarding configuration
that’s preventing it.