necessary packages for Linux Firewall

Boris Mühmer boris at muehmer.de
Sun Jan 26 22:12:14 PST 2003


> If I am going to use my LFS system as a Firewall only, what
> [...]
> anything else except an IPTables firewall and FreeSwan VPN server.

i did this the last two weeks. well, i almost only had time
to work on the weekends on it, but now it looks good. it is
a G4 based CVS-LFS, with an additional (intel) pci ethernet
card (and an ISDN card as well, but didn't start working on
it, yet, only want it as a backup).

basically i would say have a look at the BLFS pages, because
you will need some additonal packages to LFS (don't ask me
which ones, because i installed some more things on the box).

for the iptables have a look at http://www.netfilter.org/
there are also many links for a basic setup.

because i needed that system as an intra <-> (t)dsl system,
with masquerading and pppoe, i also went to:
	http://www.roaringpenguin.com/pppoe/
i tried something else before i went there and wasn't too
successful at all.

for the actual ruleset i used the example "Stronger IP Firewall"
(rc.firewall-2.4-stronger) from the TLDP "IP-Masquerade-HOWTO"
as a base script, but modified it a bit to better fit in with
the roaring penguin scripts (also had to change some "REJECT"s
to "DENY"s, because of script errors):

http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/stronger-firewall-examples
.html
	http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/


for additional questions feel free to contact me directly even
with having a busy week again ... :-)

good luck
 - boris

--
boris at muehmer.de


-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-support' in the subject header of the message



More information about the lfs-support mailing list