Is there a package or guide that will focus on using 9.1 pro as a combination gateway/router with port forwarding and chains to enable visibility between some of the LAN machines and the internet as well as other networks? I also want to have SAMBA, TELNET, rlogin, and other network and file system features on this same machine. I have a Slackware installation that has been customized to do this. But now I want to move this functionality over to a SuSe 9.1 installation in the hopes that future upgrades won't require an installation from scratch as I am now facing with my 6.4 and 6.2 SuSe installations. A second related question is where are the rules and rules syntax used to set up port forwarding and chains. Are they universal or do they vary with the distribution and packages? A third related question is: what amount of disk space can I expect this setup to take. An educated guess would be an acceptable answer. Thanks, TED
Ted Hilts wrote:
Is there a package or guide that will focus on using 9.1 pro as a combination gateway/router with port forwarding and chains to enable visibility between some of the LAN machines and the internet as well as other networks? I also want to have SAMBA, TELNET, rlogin, and other network and file system features on this same machine. I have a Slackware installation that has been customized to do this. But now I want to move this functionality over to a SuSe 9.1 installation in the hopes that future upgrades won't require an installation from scratch as I am now facing with my 6.4 and 6.2 SuSe installations.
A second related question is where are the rules and rules syntax used to set up port forwarding and chains. Are they universal or do they vary with the distribution and packages?
A third related question is: what amount of disk space can I expect this setup to take. An educated guess would be an acceptable answer.
Thanks, TED
This does not answer your direct question, but suggests an alternative used here. I have an old Cyrix M200/16MB/floppy/2 NIC box (out of sight) on which I use BBIagent http://BBIagent.net as a floppy firewall for 4 Linux boxen and a Sun Solaris workstation. It's admin uses any java enabled browser on the internal network, setup is a cinch, just fill in the boxes for firewall rules, click to setup stuff like disbling pings from the WAN, click connect and it gets it's WAN IP address from the ISP's DHCP server via cable modem. It can act as a print and dhcp server for the network if needed. The project has not been updated since May last year, but I received a reply from the developers yesterday saying they are developing a new version. I'd recommend it if you need a box that you can setup and forget. I have an old 14 inch monitor and keyboard connected, but they shouldn't be necessary as they do nothing. Regards Sid. -- Sid Boyce .... Hamradio G3VBV and keen Flyer =====LINUX ONLY USED HERE=====
On Saturday 28 Aug 2004 04:47 am, Ted Hilts wrote:
Is there a package or guide that will focus on using 9.1 pro as a combination gateway/router with port forwarding and chains to enable visibility between some of the LAN machines and the internet as well as other networks?
There is information about this in the Administration Guide, which is on the installation discs.
I also want to have SAMBA, TELNET, rlogin, and other network and file system features on this same machine.
Doing what exactly? Telnet and rlogin are not exactly secure - ssh would be a better option. Do you want these services available from the internet or just from the protected network?
I have a Slackware installation that has been customized to do this. But now I want to move this functionality over to a SuSe 9.1 installation in the hopes that future upgrades won't require an installation from scratch as I am now facing with my 6.4 and 6.2 SuSe installations.
Hmmm, don't quite understand that?
A second related question is where are the rules and rules syntax used to set up port forwarding and chains.
Read all the notes is /etc/sysconfig/SuSEfirewall2 Custom rules go in /etc/sysconfig/scripts/SuSEfirewall2-custom
Are they universal or do they vary with the distribution and packages?
er, dunno
A third related question is: what amount of disk space can I expect this setup to take. An educated guess would be an acceptable answer.
Well, I have a basic masquerading/port-forwarding iptables setup with squid installed on a box with a 1.8G drive and there is 1.2G free atm (although I have just emtied the squid cache and have syslog forward all messages to a server.) 1G should be plenty, plus what you need for whatever SAMBA stuff you are wanting to use. HTH Dylan
Thanks, TED
-- "I see your Schwartz is as big as mine" -Dark Helmet
participants (3)
-
Dylan
-
Sid Boyce
-
Ted Hilts