PDA

View Full Version : Linux Hardware Firewall



Glassman
05-06-2004, 09:49 PM
I have just got my hands on an old P133 with 32MB ram and a 1Gig hard drive
what i would like to have a go at but do not have a clue how to do it is set up a hardware firewall using linux.

My main computer is running win xp home

1/ Is this possible
2/ which linux distro would be best for this job
3/ Do i need any other bits. If so what do i need
4/Or am i talking complete rubbish and should be watching telly on a saturday night.

Any help on this matter would be great
Thanks in advance

-=JM=-
05-06-2004, 09:54 PM
If you're after purely a Linux based firewall then I would strongly recommend that you have a look at SmoothWall (http://www.smoothwall.org/). It is a linux distribution designed purely to be used as a firewall. It's fairly straight forward to set up.

robsonde
05-06-2004, 09:55 PM
I cab only answer some of your questions....

is it posable? yes.
is it a good idea? yes

other bit you will needs are network cards.

info we will need is what internet conection do you have?
cable? ADSL? dial up?

rmcb
05-06-2004, 09:56 PM
Have a look here

http://www.ipcop.org

Got it running on similar hardware as you. You will need 1 network card and a decent hardware modem i.e. external serial or isa slot internal.
Works well
Good luck

Murray P
05-06-2004, 10:00 PM
There's a whole bunch of them listed at DisroWatch (http://www.distrowatch.com/dwres.php?resource=firewalls) Smoothwall and IPCop have good reps.

Cheers Murray P

Glassman
05-06-2004, 10:00 PM
I forgot to add i will be using an external 56k modem
Is this ok to use

Another question
How do i connect the old P133 to my computer which is running win xp home

Please could someone tell me what i need ie which internal cards to get and what cables do i need

Once again thanks in advance

Murray P
05-06-2004, 10:11 PM
You will need an NIC card (Lan, ethernet, network/card, all the same) in each pc.

Ph jack---> Modem ---> PC 133 Firewall with -> NIC --->cat 5 or 6 cable ---> NIC -> in Main PC with with network setup. Check out the firewalls documentation for the network setup. TCP/IP should be ok. If you want more info setting up the network just ask.

Cheers Murray P

Glassman
05-06-2004, 10:48 PM
I think i am beginning to understand this a couple more questions

On my main computer the motherboad has an onboard network card

and i have an old isa network card laying around .

Can i use the above

Murray P
05-06-2004, 11:12 PM
Yes. You need to ensure that the connecter on the ISA card is an RJ45 socket to accept the RJ45 plug on the cable, which will be what you onboard one is (neat how they have got all these little details just so ;) ).

The RJ45 socket is about the same width as a ph jack (RJ11) but be deeper from top to bottom. Quiet a few of the old ISA cards have coaxial connections (circular with a pin in the middle) or both types. There may even be a card already installed in the 133 machine especially if it's lived its life in an office but it wont have onboard like the newer machine Hopefuly the older card will be detected by the firewall ok.

BTW, the firewall will be great if you ever have the oppurtunity to get a cable braodband connection. You stick it between the modem and your PC or Lan, as per now, and you can use it as a router/gateway for interenet connection sharing and routing to multiple PC's (Lan). You can also set them up as content filters, access permissions, etc.

Cheers Murray P

Glassman
05-06-2004, 11:51 PM
Ok i have found the old isa network card
I am going to use Smoothwall because this looks like a good one for newbies
I think i have worked out which cable i need from Dick Smith

The only thing now i am not sure off is what do i have to do to my win xp computer to make this work ie what do i have to do within windows

thanks for your help

Glassman
05-06-2004, 11:57 PM
I was also wondering if any of you linux guys had the lastest version of smoothwall you could burn on to a cd for me i am quite happy to pay any costs involved

Thanks in advance

Jester
06-06-2004, 12:13 AM
I have the Smoothwall ISO on CD I burnt a while back, I set up an old box but never followed it thru due to an incompatible USB ADSL modem. Got a ADSL router instead.

I am not sure where it is, but I recall seeing it a while back in my drawer of CDs, let me know if you want it and I hunt it down and post it.

splatty at orcon dot net dot nz

J
:D

Jester
06-06-2004, 12:16 AM
Found it, it's Beta 2 V4. May be too old now.

Chilling_Silence
06-06-2004, 09:09 AM
Another PressF1 put me on to a Bootable BSD-Based Live Firewall that looked really good the other day.

It looked really good, boots from a Floppy or a CD and no HDD is needed.

Its not Linux based, but still a good firewall nevertheless.

...Now if I can just remember the name and URL :-(

(Its not theWall either)


Chill.

Chilling_Silence
06-06-2004, 09:13 AM
So far little luck Googl'ing,

But what about a Hardened Gentoo installation?

Glassman
06-06-2004, 09:35 AM
I am only just getting into linux and i have had a good look at the smoothwall web site and it looks fairly straight forward to install

I do need some help on how to set up win xp home to make this work

cheers

45South
06-06-2004, 10:26 AM
Hiya Glassman,
I've been going to do exactly the same as you for ages but never got round to it, except I'm going to use an adsl router instead of a dialup for the connection & I'm going to run 6 pc's through it instead of 1.
I sort of know the basics involved & will be getting in to the details & setup this week some time, maybe we can do it together.
I have the latest Smoothwall distro & all the documentation.
I live just down the road from you, so maybe we can get together & help each other out.
The only problem I can see is that you are probably a "Magpie" supporter :-)
Give me a holler @ yllibk@msn.com if you are interested.
Oh, & "GO THE HARLIES!!!!!!!!!!!!!!"

Susan B
06-06-2004, 01:57 PM
Although there have been a few discussions about it this forum doesn't have very many Smoothwall users that will be able to offer advice. According to Whetu the best place for help is at http://community.smoothwall.org/forum/

Dolby Digital
06-06-2004, 02:48 PM
>>this forum doesn't have very many Smoothwall users that will be able to offer advice.
Susan, how could you doubt our advice ;\

Susan B
06-06-2004, 03:30 PM
> >>this forum doesn't have very many Smoothwall users that will be able to offer advice.
> Susan, how could you doubt our advice ;\

Whoa Dolby, who said anything about doubting your advice? All I was doubting was your ability to be around when it is required. :D

Glassman
06-06-2004, 04:28 PM
I am still not to sure what i need to do from within win xp to make this all work if someone could explain this to me that would be great

Thanks for the help

Jester
06-06-2004, 05:19 PM
Once you get it set up on the old box, you enter the url of the Smoothwall box into your browser - probably something like http://192.168.1.1 - depending on what you set it up as in Smoothwall.

Then you will be prompted to enter a password, and then you will be able to configure the Smoothwall settings in your browser on the XP box.

So - to connect and set up Smoothwall on XP, you need to have a network card or inbuilt LAN connection on th XP box, be connected to the Smoothwall box via a network cale, and have details with you of what URL the box is and your password you set up when configuring Smoothwall.

J
:D

Murray P
06-06-2004, 05:20 PM
You need to set up Networking if you haven't already done so. I don't have XP so can't give you any specifics . XP has a wizard for setting up networking - your network card, TCP/IP, DHCP or IP addressing (if you want use DHCP, I suspect this will be default for XP), DNS, etc. Run that and all should be fairly hunky dory without getting your hands too messy. Because I don't have this nice wizard I'm suspicious of it's behind the scenes complexity so, of course I prefer to setup manually and avoid hassles, ignorence is bliss as far as I'm concerned in this respect :) automation can be a plague visited on the unwary IMO.

Get your copy of Smothwall and read the documentaion that comes with it. I believe there are also FAQ's and tutorials at the Smoothwall.org site (not to be confused with the commercial branch of Smoothwall) and check out the forum as per SB's advice. The most basic step once your network card is setup is to point XP to your Smoothwall box and visa versa with your IP setting or DHCP. As before let the wizard do it in XP and follow Smoothwall lead for it's settings.

Cheers Murray P

Dolby Digital
06-06-2004, 06:01 PM
>>Whoa Dolby, who said anything about doubting your advice? All I was doubting was your ability to be around when it is required.
I was just joking :) (actually I used the mischief smiley) cos I haven't offered any advice myself for this tread even though I run Smoothwall/IPCop. It seemed to be progressing pretty well. You are right of course, the best source of knowledge are the forums (or whatever) from the horses mouth so to speak.

Susan B
06-06-2004, 06:04 PM
> Because I don't have this nice wizard I'm suspicious of it's behind the scenes complexity so, of course I prefer to setup manually and avoid hassles, ignorence is bliss as far as I'm concerned in this respect automation can be a plague visited on the unwary IMO.

According to one of tweak'e's posts here the Win XP Network Wizard has to be run in order to set up networking if it isn't already. It will probably set the IP number to 192.168.0.1 rather than 192.168.1.1 as in Jester's post so that will need to be changed if required. Apart from that it will most likely be straightforward.

If you get stuck on that side of it or things don't work later you can always come back here for more help. :-)

Susan B
06-06-2004, 06:06 PM
> I was just joking (actually I used the mischief smiley)

Yes, I know you were. :-)

southern_jas
06-06-2004, 07:01 PM
Just my two cents.....

if you want a small Linux based instalaltion you could always try http://freesco.org

This router installation can be contained on one floppy disk and can run entirely in RAM when operating.

segfault
06-06-2004, 10:19 PM
m0n0wall (http://m0n0.ch/wall/)

Chilling_Silence
06-06-2004, 11:49 PM
That's the one!!!

*Chilling_Silence goes off to trial himself....

Murray P
07-06-2004, 12:05 AM
Ta. Just grabbed the m0n0wall ISO for a gander.

Cheers Murray P

Glassman
08-06-2004, 12:39 AM
First of all i would like to thank everyone in this thread that helped me

And just to let you all know i now have a hardware linux firewall up and running.

I downloaded smoothwall this morning burnt it to a cd then went to Dick Smith and got a cable and then i came back and spent 3 hours setting it all up. It took a few attempts but i got there in the end. i have even installed the updates to smoothwall with out any problems.

Once i got it up and running i pointed my browser to www.grc.com and took the shields up test and it reported all ports running in stealth mode so i am more than happy.

The upshot to this is that my interest in linux has being renewed so its off to install mandrake 10 next.

Once again thanks for all your help

cheers chris

Murray P
08-06-2004, 12:56 AM
Well done :)

Mandrake 10....Oh NOoo. Ark or Fedora might be better if you really insist on installing a Red Hat based distro. If you want ease of use give Xandros a try or my own personal bias is to Mepis which does the hardware detection with its eyes closed.

Cheers Murray P



PS. Take no notice of any flames from the red army.

Chilling_Silence
08-06-2004, 01:16 AM
> Well done :)
>
> Mandrake 10....Oh NOoo. Ark or .......

Ahhh... A man after my own heart... :-)

I'd vouch for Ark.

Send me an Email (Click my PF1 username) and I'll set you up with a set of CD's if you want.

Ark is aimed at the home user, not at the 'masses' as Fedora / Mandrake are.

Congrats on getting the Firewall up and running :-)


Chill.

Dolby Digital
08-06-2004, 10:27 AM
Hey Murray, Mandrake is good for me.... I wouldn't necessarily recommend Mandrake 10 (yet) but 9.2 is pretty good.

Of course with Mandrake Move (live cd), you can "try before you buy".