I am using a linux box as a firewall and router. I would install a system running honeypots like kippo, dionaea or glastopf behind it. My honeypot is on private IP and all required ports are being redirected from the public IP of (iptables) the firewall towards private IP of the honeypots machine.
Is this a good approach for deploying a honeypot? I noticed that behind firewall, dioanea capture less malware as compared to on public IP