Newbie firewall/masqarade/proxy confusion

Alan Dayley ADayley@adtron.com
Tue, 01 Aug 2000 07:38:40 -0700 

At 02:38 AM 8/1/00 -0700, you wrote:
>Am 31. Jul, 2000 schwäzte Alan Dayley so:
>
>> I am scheduled to get DSL with a static IP in a week or two.
>> As a first Linux learning experience, I have setup an old 100MHz
>> 486 PC, 32MB RAM, 1.5GB hard disk space, 2 16-bit Intel network
>
>Pretty good for a home firewall :).
>
>> cards, VGA, mouse, blah, blah... with RedHat 6.2.  X still does
>
>X and 486-based firewalls don't mix well.

I don't expect to do much X stuff on it.  I am saving my pennies to get
another box for a "real" Linux workstation.  I just couldn't help myself in
my first time excitement!

>> not work but that is not important now.  My intention is to have
>> this little PC be a firewall for my other computers to share the
>> DSL connection.
>
>Look at my firewall script. Available from
>http://home.pages.de/~lufthans/unix/. I've made a few changes that haven't
>been added (things that RedHat needs because it's using bash instead of
>bash2). If you want to use my script, let me know and I'll email you the
>current tarball or you can probably just change the first line of the masq
>script to call /usr/bin/bash2 instead of /usr/bin/bash.

I could not get the script TAR to uncompress without errors.  Is there a
problem with the file on your page?

>The URL Doug sent seems very interesting and might better serve what you
>need, but mine's probably better if you want to understand what it's doing
>and be able to learn more.

I will be looking at them all!  I want to learn!

>> What I want to make is my Linux box providing a single "presence"
>> to the internet while the workstations "behind" the Linux box can
>> surf and do email without being "visible" to the internet.  What
>> combination of firewall/masqarade/proxy stuff do I need?
>
>Start off with a firewall that does masquerading (aka NAT). As you learn
>more you can move to proxies or more advanced firewalling setups. If you
>just want it to work without having to know the process, then a plain
>firewall/masqerade setup is the way to go.

All you guys on the email list are helping loads!

Alan

/------------------------------------------
|Alan Dayley             www.adtron.com
|Software Engineer       602-735-0300 x331
|ADayley@adtron.com
|
|Adtron Corporation         
|3710 E. University Drive, Suite 5
|Phoenix, AZ  85034
\-------------------------------------------