[Firehol-support] How different interfaces are from routers

Wojtek Swiatek w at swtk.info
Tue Jul 31 13:19:14 BST 2018

Hello everyone

I have a working setup (several physical interfaces, a bridge to a few
containers and wifi devices) glued together by firehol.

When finally reading the Welcome Guide from beginning to end
(https://github.com/firehol/firehol/wiki/FireHOL-Welcome-Guide), I ended up
not being sure anymore what the difference between an interface and a
router is.

The documentation states that
- interface is used to protect the firewall itself
- router is for traffic going through the firewall

A service (say, a web server) is bound to an interface. Its security is
dependent on
- the capacity of a packet to reach that interface (so "router"?)
- the capacity of a packet to be accepted on the interface (so "interface"?)

I have a hard time deciding when to use which configuration. Is it that
- it does not matter in that case, use whatever
- it does matter: you need to use [router|interface] because ... Using [the
other one] would not work because ...
- you completely misunderstood the configuration

Thank you in advance for any general help - I find the documentation well
written but there is this tiny bit which is missing to completely make use
of it.


