I already mentioned that I want access to my Linux server from the network. Verizon’s d-link - still in my network, but not forever - is set up to prevent this. Verizon assumes you have a standard PC, so they preconfigure the d-link to firewall any incoming connections.
That’s not my situation, I have a Linux server with extensive firewalling and more than a few services running on it. I want all the network traffic coming to MY firewall, please, not Verizon’s.
The solution - partial as usual - is the “DMZ” setting. In the d-link configuration you can set a “DMZ” host, which gets most of the traffic the d-link sees forwarded to it. Specifically it seems to forward TCP and UDP traffic, which is a big step. But it’s still intercepting ICMP - so any Ping or traceroute traffic goes to d-link, not Linux. Yet another reason to disable the d-link.