Hi Stuart, Thanks for the advice, very much appreciated. John
I am currently using SuSE 7.3 as my internet firewall. It works very well. I found the original YaST1 to be very easy to use to set up the Firewall rules. If you still have the books for 7.3, all the info you need is in there. My machine is a bit overspecced for the job: 2x P-II 233 128MB RAM Adaptec 2940UW SCSI Card 2x2GB UW-SCSI Hard Drives PCI Vid Card 2x3COM PCI NICs
As for space usage, I am using 5M of my /boot, and 538M on /. You can probably trim this down a bit without too much difficulty.
It has no keyboard, mouse or video on it, and I use a mixture of SSH and Webmin to administer it remotely. Although, it requires very little administration, to be honest.
The same machine has been both a dial-on-demand box when I only had modem access to the internet, and was then very easily converted to use my cable connection when that went live.
There are plenty of alternatives to a full blown SuSE system, such as CoyoteLinux and Freesco (not technically a firewall, I know, but my brother-in-law has been using it very successfully for about a year now).
The real trick for this kind of setup is to do as minimal an install as possible, and then add what you need to make it work. You won't need X, or rsh, telnet etc. You could use it as your NTP (time) server without too much worry, but don't run the likes of Apache on it. Setup Webmin to only allow connections from the LAN side, and make sure it uses SSL. Put OpenSSH on it, and keep it up to date with online updates.
Hope this proved to be of some use to you.
Bye for now, Stuart.
-----Original Message----- From: John Blue [mailto:jblue@bestpond.com] Sent: Wednesday, December 11, 2002 21:17 To: suse-linux-e@suse.com Subject: [SLE] Next step? - The Linux gateway/router/firewall?
As I am recently new to Linux I have managed to get two Pc's running SuSE V8 KDE 3, & Samba 2.2.3a connected to my small network.
The internet gateway has always been via my PC running NT4 (sp6a) which has two network cards, one connected to the internal network, the other to an ADSL modem.
SuSE seems to do a good job of connecting to the net via the NT box, but I also run Sygate Home Network on that NT box to enable other windows PC's/notebook to share the internet connection.
Unfortunately, I need to retain the NT4 box for some time yet as I run a couple of applications which as yet I have not got running under wine.
However, I can move my gateway away from the NT box. I would love to be able to maintain my ADSL connection live for days on end without having a BSOD or reboot to update something and the consequent disconnection that goes on and on with windoze.
I have available a couple of older PC's, and bits that I can us to build a gatway PC.
Now I have read of Smoothwall, and IPCop, and I gather there are other similar solutions. Although I think that I would like to use SuSE if that was a not too difficult approach, apart from V8 I also have 6.3, 6.4 & 7.3 if they are of any use.
I would appreciate some advice from the experienced readers here as to the best way to go.
As I see it I want to have a linux PC that will serve as the gateway to the net through the present ADSL modem, and provide protection to the internal small network.
After installation I would like to be able to remove any monitor and even keyboard/mouse etc, with access from any other PC on the network.
I have a couple of smaller HDD's 450Mb + which I could use, or alternatively a CD-ROM or FDD.
My preference would be for a solution that a newbie can reasonably setup and manage, and which would not require a lot of maintenance.
Thanks for any advice or reading refences. John
--
John Blue, PO Box 542 Mawson ACT 2607 email: jblue@bestpond.com This email has been pre-scanned using the latest Anti Virus software for your peace of mind. Please remember to maintain your own anti virus up to date with the latest reference files.