How to setup RH9.0 as firewall/router to share internet connection
 

Hi everybody,

Badly need your help, this is my first time to work on linux especially configuring a linux as a firewall and router to share my Internet connection to my private network. I already setup RH9.0 and configure the 2 NIC, eth0 to connected to my ISP and eth1 connected to private network. I test my connection both outside in inside network, using ping command and recieved a succesful reply. But i have no idea what to do next, obviously i'm newbie. Pls hep me to complete my server configuration on secured manner. thanks in advance.

u need to learn "iptables"
u may also use "squid" cache proxy with "iptables". its called transparent proxy
u may find documents at www.netfilter.org

i will try to explain basicly how to share internet connection for your local network, but these will just share internet connection via NAT, visit www.netfilter.org to configure your firewall.
first enable routing beetween network devices.
edit "/etc/sysctl.conf" file and chance the following line
net.ipv4.ip_forward = 1

the following command enables NAT for local network (chance 192.168.0.0/24 to your real local network) eth0 must have a static public ip
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to ip_of_eth0

and save iptables config:
service iptables save

you will need to use iptables to set up the sharing.... I have done up a website to show you how to and it includes example scripts.

check out http://www.chrisliveonline.com/security/

Chris

by the way your local clients will have trouble to connect ftp . u must enable passive ftp

u can add the following lines to startup file "/etc/rc.d/rc.local". so your linux will load ftp modules every startup:

modprobe ip_conntrack_ftp
modprobe ip_nat_ftp