suse web and ftp standalone firewall help
Hello everyone, as usual there are newbie's and alas I am one of those so please be patient while I learn. I am interested in stetting up a fire wall for my house network. There are 6 machines in total all running from a Linksys cable modem router that attaches to att@home cable modem. Below is a diagram and I assume that the firewall would go where the Linksys router is (since it forgets its config and requires a reset and re-config once every 2 weeks) box1 box2 box3 box4 box5 \ \ | / / \ \ | [HUB] \ \ | | ---------------------------------------------- | linksys router | ___________________________ | [cable modem] | (attbi) So I am wondering can and should I use SuSE 7.3 with a minimal install and very few services running including firewall2 (?), NAT, and DHCP. I do not need to access the machine remotely but I would like to packet filter except for basic web use including SSL and ftp and tftp. Games are not much of a concern. I have read a great deal about how a firewall should work "in theory" but I lack the practice of building one. I understand the basics of the rule sets but I do not want to leave something open of undone. Basically if anyone has done this for home use I would love to know how it works for you and if I should even peruse it at all or if I should use a different OS like OpenBSD or such. I hope that this post is warranted upon this newsgroup if it is not please let me know. Sincerely, Ash ash@lightwave-systems.net
On Sunday 16 June 2002 10:46 am, Ash LWS wrote:
So I am wondering can and should I use SuSE 7.3 with a minimal install and very few services running including firewall2 (?), NAT, and DHCP. I do not need to access the machine remotely but I would like to packet filter except for basic web use including SSL and ftp and tftp. Games are not much of a concern. I have read a great deal about how a firewall should work "in theory" but I lack the practice of building one. I understand the basics of the rule sets but I do not want to leave something open of undone.
That's exactly what I've done. Found an old Pentium 166 and use two nics. Also collect mail there for machines inside the firewall. I found Shorewall ( http://www.shorewall.net ) much easier to understand, configure, and get working than the Suse firewall. I STRONGLY recommend it for newbies like me. Free download. The dhcpd as supplied by SUSE was also easy to setup, but you could just as well hard code IPs in your house on the 192.169 subnet. -- _________________________________________________ No I Don't Yahoo! And I'm getting pretty sick of being asked if I do. _________________________________________________ John Andersen / Juneau Alaska
participants (2)
-
Ash LWS
-
John Andersen