Setting up a Linux Firewall

20 years 1 month ago #2904 by nubs
I am contemplating setting up a linux firewall. I want to use kernel 2.4.20-8 for the firewall.

Anyone have some good tips or sources I can go to to find out how to set one up?

So far I've read through some guides and the descriptions of setting one up are very vague.

The Firewall will go between my workstation and my modem connection through the internet.

Thanks in advance.
20 years 1 month ago #2910 by sahirh
If you've got Netfilter enabled in the kernel (should be by default), then you would most likely be using iptables to set up the firewall. I'm badgering Chris to write something on iptables as I want to read a decent paper as well, but till then this should hold you:

iptables-tutorial.frozentux.net/iptables-tutorial.html
librenix.com/?inode=952
www.netfilter.org/documentation/

Lemme know if you need some help writing the rules... I could use the practice.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 1 month ago #2924 by nubs
Before I even get to setting the IP tables, I want to know how my linux should be set up right from install up to the actual configuration of the IP tables.

For example, when I install the linux OS, do I choose workstation, server...etc? After the Linux is installed, what services should I disable or configure etc.

I did look at some of the links you gave me Sahir and it is very good. Still looking through em. Thanks.

Any info would be helpful.

nubs
20 years 1 month ago #2928 by Neon
If you just want a computer running as a firewall and nothing else, a very good choice is Coyote Linux ... runs on a floppy too! It is a firewall and nothing more. It allows you to SSH to it remotely, for which you will need to use PuTTY on a Windows workstation.

The default firewall configuration is suitable for most home users as it does not allow any new connections. One sweep on the GRC ShieldsUP website finds that your computer will be stealthed and pass the test. The only thing that you will need to change is making sure SSH cannot be accessed from the outside world; the default configuration allows SSH open on the Internet, however I am not sure if they have changed this or not.

The only con I can see with this type of software is that if you don’t know which drivers your network card(s) use in Linux or the proper driver name for them, it is a pain to find them.

Hope this helps! :D

Also if you do choose to use Coyote Linux this site might interest you too: Coyote Linux Add Ons

Quick list of addons are:
IPTraf - Traffic Monitoring
FTP Client
Dynamic DNS Update
Sending e-mail
Printer Sharing
Tinyproxy
SSH Tunnel
Full Remote Backup
HwClock
20 years 1 month ago #2929 by sahirh
Well I'm facing a dilemma as well right now. I'm doing a small network setup and I have to choose a gateway firewall.. Because the network is small and they want to save money, CheckPoint or something similar would be overkill..

So I've suggested an iptables-based firewall, or something like Astaro Linux firewall... however they want to use a Windows solution as they have no technical person who can handle Linux there (the other option is that I keep getting called in whenever they need to make a change, which is not acceptable).

Any ideas on what I could use?
At present they're using some ridiculous proxy program called analogX and a personal firewall on the gateway :) this has to be redesigned as the proxy breaks just about every app, especially FTP.

Here's the general topology


[10 Windows boxes] [3-4 Linux boxes]
> [W2k Server running crappy proxy system and sygate PF]

Ideas?

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 1 month ago #2934 by nubs
Thanks for the input Neon. Although I don't plan on going that way with my project.

The reason I am setting this firewall up is so I can understand how to do it. I guarantee this will not be the safest firewall in the world but at least I will learn something from it.

Anyways, I have installed my linux9.0 (kernel 2.4.20-8). I installed the necessary packages (methinks).

What I need to do now is get my dial up modem to receive internet from the firewall and then allow any accepted packets to transmit to the eth0. I don't even know where to begin and/or search for. Any pointers?
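
Added example, not part of any post in this thread: a small generator for an iptables ruleset matching the layout discussed above (modem link on one side, workstation on eth0), with the policy Neon describes: no new connections from outside, and SSH reachable only from the inside. The interface name ppp0 for the dial-up link and the script name fw.sh are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print a default-deny ruleset in
# iptables-restore format for a dial-up gateway.
# Assumed names: ppp0 = modem link (untrusted), eth0 = workstation side.

valid_if() {   # accept only plain interface names
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

gen_ruleset() {   # usage: gen_ruleset EXT_IF INT_IF
    ext=$1; int=$2
    valid_if "$ext" && valid_if "$int" && [ "$ext" != "$int" ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Hide the inside machine behind the address the ISP assigns to the modem link
-A POSTROUTING -o $ext -j MASQUERADE
COMMIT
*filter
# Anything not explicitly accepted below is dropped
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to connections the firewall itself opened
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH to the firewall from the inside interface only
-A INPUT -i $int -p tcp --dport 22 -j ACCEPT
# Replies may come back in; new connections may only start from the inside
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $int -o $ext -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Print the rules when called with two interface names, e.g. (as root):
#   sh fw.sh ppp0 eth0 | iptables-restore
# Forwarding must also be enabled: echo 1 > /proc/sys/net/ipv4/ip_forward
if [ "$#" -eq 2 ]; then
    gen_ruleset "$1" "$2"
fi
```

Reading the generated text before piping it into iptables-restore is a cheap way to confirm that no rule accepts traffic arriving on the modem interface other than replies.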