Gentoo Forums
ADSL Router - Linux Firewall Setup
Angry Geek
Apprentice


Joined: 23 Apr 2003
Posts: 162
Location: .uk

Posted: Tue Oct 28, 2003 9:15 pm    Post subject: ADSL Router - Linux Firewall Setup

Hi,

Planning on putting to use some old hardware acting as a Linux IPtables based firewall behind a Zyxel router. I have a dynamic address assigned by the ISP and the router currently does NAT and DHCP. It also acts as a *very* basic firewall.

I'd like to have a setup similar to this basic design.

ISP
|
|
Router
|
|
(eth0: 192.168.1.*)
Linux Firewall/Gateway
(eth1: 10.10.10.*)
|
|
Clients (DHCP?)

I'm a bit confused as to whether or not to turn off NAT and the ACLs on the router completely and let the Linux box do all the NAT, or just leave as is. Pros and cons?

Any issues with clients picking up DHCP from the firewall or best left as static?

Ideally I'd like to turn the firewall into a fully functional gateway, perhaps doing spam filtering and even virus content scanning. Suggestions, good bad past experiences?

One of the reasons for doing this: according to Zyxel, because of all the viruses on the net, the NAT table on the router gets filled up quickly. Causes it to crash and reboot. Known issue - apparently! I'd also like to have something a little more secure than a router with a few control lists.

Never really touched IPtables as such before, used smoothwall before, but this time I'd like to get my hands dirty!!! :-)

Absolutely any advice would be cool.

TIA. :D
_________________
Linux user 327411. Go get counted!
ckdake
l33t


Joined: 10 Apr 2003
Posts: 889
Location: Atlanta, GA

Posted: Wed Oct 29, 2003 2:02 am

I would stick with just using one firewall because multiple firewalls sometimes just act pretty strange. Let the Linux box do all of the NAT. I am working on a setup similar to what you are trying to do; however, I am not using the router at all:

DSL modem has an ethernet port, that goes to eth0 on the linux firewall box (which also acts as a router)

eth1 on the linux firewall box goes to a switch which everything else is plugged into and the linux firewall box takes care of the dhcp/nat thing.


You could have eth1 go to the router and dhcp that way, but I wouldn't put the router between the firewall and the internet.
_________________
http://ckdake.com/
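
The arrangement discussed above (the Linux box doing all of the NAT, eth0 facing upstream and eth1 facing the clients), as an added example that is not part of either post: a script that prints a default-drop `iptables-restore` ruleset for that layout. The interface roles and the 10.10.10.0/24 client network are assumed from the diagram in the first post, and the `conntrack` match is used for stateful filtering.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the thread's topology.
# Assumed from the diagram: WAN side eth0, LAN side eth1, LAN 10.10.10.0/24.
# Nothing is applied here. After review, load as root with
#   sh gw-rules.sh | iptables-restore   (gw-rules.sh is a hypothetical name)
# and enable routing with: sysctl -w net.ipv4.ip_forward=1

# Format check only: two distinct plain interface names and a.b.c.d/nn.
valid_args() {
    [ "$1" != "$2" ] || return 1
    for ifc in "$1" "$2"; do
        case $ifc in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    done
    printf '%s\n' "$3" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

gen_rules() {
    wan=$1 lan=$2 net=$3
    valid_args "$wan" "$lan" "$net" || { echo "bad arguments" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite LAN sources to whatever address $wan currently holds.
-A POSTROUTING -s $net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Anti-spoofing: LAN source addresses must never arrive on the WAN side.
-A INPUT -i $wan -s $net -j DROP
-A FORWARD -i $wan -s $net -j DROP
# Replies to traffic the gateway or the clients started.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# DHCP requests come from 0.0.0.0, so they need their own rule.
-A INPUT -i $lan -p udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i $lan -s $net -j ACCEPT
# Only LAN-originated flows are forwarded out; unsolicited inbound is dropped.
-A FORWARD -i $lan -o $wan -s $net -j ACCEPT
COMMIT
EOF
}

gen_rules eth0 eth1 10.10.10.0/24
```

If the upstream router keeps its own NAT, client traffic is translated twice with this ruleset; that changes nothing in the rules themselves, since MASQUERADE uses whatever address eth0 holds.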
All times are GMT