Subj : Router/Firewall Advice
To   : MIKE POWELL
From : Angus Mcleod
Date : Sun Dec 26 2004 11:56 pm

  Re: Router/Firewall Advice
  By: MIKE POWELL to ALL on Sat Dec 25 2004 14:41:00

 > With that in mind, I need suggestions/opinions on other router options. My
 > only prereqs is that the software work on the aforementioned Pentium, with
 > both dial-up and ethernet (cable) options.  It can work with both an etherne
 > attached and USB modem, but not USB-only.  Debian-based is a plus, but not
 > necessarily required. It does not have to boot off of a floppy, but would ne
 > to be installable on a system with no greater than a 1gig HD. I guess I coul
 > install debian and set one up myself, but I can no longer find the FAQ/how-t
 > on that, and I am looking for something with a lower frustration level at
 > this point.  :)

Ok, set up a minimal install of Linux (Debian, if you insist) with the 
TCP/IP package, the IPTables (NetFilter) package, and the PPP package, 
plus whatever you need to get your modem working.  The machine will 
probably need one or more NIC according to taste.

Add packages like TCPdump as you develop a need for them.

Go to http://www.netfilter.org/ for help on setting up IPTables which can 
be used to filter packets (firewall), do NAT/MASQ, port-forwarding and 
load-balancing too.

Straightforward routing can be done by writing a startup script to 
manipulate the kernel's IP routing tables with the /sbin/route program for 
any interfaces ppp, eth, whatever, once the interfaces have been brought 
up with /sbin/ifconfig.

One gig of disk will easily hold such a system with room left over for 
useful tools you might decide you need (like, Snort: http://www.snort.org/ 
for example), and 133 MHz / 64 MB should also be more than adequate.



---
 þ Synchronet þ Linus is a regular at The ANJO BBS.  No, Linus Brathwaite!

.