I have done it very successfully. With my setup I am using SuSE Firewall2 and Squid Proxy server. I currently have it set up as a caching proxy and am planning to end the caching and start using it as a plain pass-through proxy. I did not have to worry about NAT. DHCP is supposed to be very easy to set up now (since the breakup of ATT and @home). I previously had to set up the machine name to be passed to their DHCP server. But this supposedly is not necessary anymore.
The Firewall2 sample files should get you through its setup very well. You do not need a heck of a lot set up in there as I remember (other than most of the default settings which shut most everything down). I am running some services for external consumption so my settings are different from what you are looking for.
Give it a try. I think you will find that it is a very good, pleasant learning experience. I was able to do most everything from the documents and did not have to fall back to the list for help. But, you can always post to the list. A better list than the security list would be the plain SuSE English list. It has a great bunch of guys on it. I am off that list now since I do not have time to go through the volume of mail it generates.
Good luck.
Jim
Hello everyone, as usual there are newbies and alas I am one of those so please be patient while I learn.
I am interested in setting up a firewall for my house network. There are 6 machines in total all running from a Linksys cable modem router that attaches to att@home cable modem. Below is a diagram and I assume that the firewall would go where the Linksys router is (since it forgets its config and requires a reset and re-config once every 2 weeks).
box1  box2  box3  box4  box5
  \     \     |     /     /
   \     \    |   [HUB]
    \     \   |     |
----------------------------------------------
|              linksys router                |
         ___________________________
                      |
               [cable modem]
                      |
                   (attbi)
So I am wondering can and should I use SuSE 7.3 with a minimal install and very few services running including firewall2 (?), NAT, and DHCP. I do not need to access the machine remotely but I would like to packet filter except for basic web use including SSL and ftp and tftp. Games are not much of a concern. I have read a great deal about how a firewall should work "in theory" but I lack the practice of building one. I understand the basics of the rule sets but I do not want to leave something open or undone.
Basically if anyone has done this for home use I would love to know how it works for you and if I should even pursue it at all or if I should use a different OS like OpenBSD or such.
I hope that this post is warranted upon this newsgroup; if it is not, please let me know.
Sincerely, Ash ash@lightwave-systems.net