In general, just the NAT by itself does most of the firewall features. When traffic comes to the router from the internet, it must figure out which internal machine to send it to. Unless you told it via port mapping rules, the router does not know what to do and tosses the traffic away, so no traffic can even attempt to hack your machine.
NAT allows temporary rules to be put in so that when an internal machine requests something the traffic can return, but these are very narrow rules and quickly expire when not active.
Depending on the firewall, it can help protect the router itself from attack, even though the NAT solves most of that too. A lot of times the firewall is used to filter traffic coming from your LAN: either stuff you decide is not allowed or some of the common virus attacks. So if a machine were to be compromised, the firewall might be able to stop it from attacking other machines on the internet.
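A toy model of the NAT behaviour described above, as an added example that is not part of the original post: inbound traffic is delivered only if it matches a temporary mapping created by outbound traffic or a port mapping rule, and idle mappings expire. The `Nat` class, the 30-second idle timeout, the match on remote address and port, and all addresses (documentation ranges) are assumptions made for illustration.

```python
class Nat:
    """Toy NAT table (constructed model, not any real router's code)."""

    def __init__(self, public_ip, idle_timeout=30):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout   # assumed value; real routers vary
        self.forwards = {}                 # public_port -> (lan_ip, lan_port)
        self.mappings = {}                 # public_port -> temporary rule
        self.next_port = 40000

    def add_port_forward(self, public_port, lan_ip, lan_port):
        self.forwards[public_port] = (lan_ip, lan_port)

    def _expire(self, now):
        for p in [p for p, m in self.mappings.items()
                  if now - m["last"] > self.idle_timeout]:
            del self.mappings[p]

    def outbound(self, lan, remote, now):
        """LAN host sends to remote: create or refresh a temporary rule."""
        self._expire(now)
        for port, m in self.mappings.items():
            if m["lan"] == lan and m["remote"] == remote:
                m["last"] = now
                return (self.public_ip, port)
        port, self.next_port = self.next_port, self.next_port + 1
        self.mappings[port] = {"lan": lan, "remote": remote, "last": now}
        return (self.public_ip, port)

    def inbound(self, remote, public_port, now):
        """Return the LAN (ip, port) to deliver to, or None if dropped."""
        self._expire(now)
        m = self.mappings.get(public_port)
        if m and m["remote"] == remote:    # narrow rule: same remote only
            m["last"] = now
            return m["lan"]
        return self.forwards.get(public_port)  # static port mapping, if any

def demo():
    nat = Nat("203.0.113.5")
    pc, web, stranger = ("192.168.1.10", 51000), ("198.51.100.7", 443), ("192.0.2.99", 4444)
    r = {"unsolicited": nat.inbound(stranger, 40000, now=0)}
    _, port = nat.outbound(pc, web, now=1)
    r["reply"] = nat.inbound(web, port, now=2)             # matches the rule
    r["other_host"] = nat.inbound(stranger, port, now=3)   # wrong remote
    r["expired"] = nat.inbound(web, port, now=100)         # rule idled out
    nat.add_port_forward(8080, "192.168.1.20", 80)
    r["forwarded"] = nat.inbound(stranger, 8080, now=101)  # port mapping rule
    return r

if __name__ == "__main__":
    print(demo())
```

The last case shows why a port mapping rule is the exposure to audit: it delivers traffic from any remote host, with no prior outbound request.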