Most of what I know about networking is in Windows-land, but I wanted to set up a firewall to block out windows vulnerabilities, so for added security, I decided to make a Linux box instead of buying a router. (Plus, I can run apache and test vBulletin betas on it )

I don't know much about Linux networking, having played around with it primarily as a desktop OS, but I have a couple of Linux administration books, and in one, I found the following hack for NAT (entered into /etc/rc.d/rc.local):

Now, I don't understand a bloody thing about what that does, except that I changed ppp0 to eth1 because eth1 is my secondary NIC, which will be connected to the internet. (eth1's a cheap 10 mbps NIC); I'm hoping that I don't have to say anything about eth0 (my internal network interface, on a 10/100 NIC, which goes to a switching hub)

I also included insmod lines for ftp, irc, quake, raudio, and vdolive, since those were listed in my book, and I want this NAT server to be as non-restrictive towards what I can do on the internet as possible...I just don't want anybody from the internet getting into my client machine.

Now, I have a couple of pop email addresses that don't have SMTP servers to go with them, and my ISP won't forward any SMTP requests from email addresses other than my own, so I had Peer Web Services set up on my client machine (Windows XP Pro) and was running my own SMTP server to date.

1) With that NAT implementation, will that SMTP server still function on my XPee box?

2) Is there an easy way to set up a simple SMTP server in Linux? My server's a complete piece of crap (it's got all the hardware that's not good enough to go into my main computer...I do have X installed on it, but it usually takes less than a minute to crash once I fire up X), so I'd prefer a solution that can be implemented *entirely* from the command line. Yes, I have pico installed, so I don't care if there's heavy-duty configuration file editing. I'd prefer to set it up so that the SMTP server will send any messages coming from my client machine (i.e., through eth0) but deny forwarding for anything on the internet.

Last note: feel free to use networking jargon; I do know the basics of networking (well enough to pass CompTIA Network+), it's just Linux networking I'm not so hot on.

1) Yes
2) Yes, install postfix

3) Install a new distro of linux with iptables

RH9, Mandrake 9, etc.

4) Click my sig link for an easy masq setup
5) Email / AIM me if you want a more indepth explanation

if you are running RedHat 8.0 you should have iptables installed (if not, recompile your kernel and add it), don't use ipchain, it is old, out-dated. iptables is far better.

Yeah, it actually is an iptables hack, I typed from the book, and both are 3-line hacks that appear on the same page ><

firestarter.sourceforge.net

It is all in one GUi solutions for your questions. with few mouse cliks you can setup NAT / firewall / ports to block , ports to open , forward prots etc.