I've used distros like ClarkConnect in the past for my gateway needs but they've proved to be bloated and resource hogs (not to mention runing on RedHat) so I want to try and put one together myself using Slackware.

The box: P!!!-550MHz, 384MB RAM, 13GB HD, 2x 10/100 NICs

What do I need to do to get this to work, how minimal of a Slack install can I do and still be able to compile new apps and run apache, ftp and maybe a game server on occation with preferably no X.

What would be a good firewall to use as well for this application?

Any thing to get me started would be appreciated. Thanks

It shouldn't be too hard if you're already familiar with Slackware and the services you want to run. Just install a minimal Slackware (I think base only) and add packages as you find you need them. Use iptables for the firewall, but you're going to have to learn how to configure it by hand because every tool I know to help you create firewall scripts runs in X.

I did this a while back with Slackware 8.1, but I've moved to Smoothwall now since all I really wanted was a firewall.

What if I installed X for configuration and just didn't boot into it at start up? Do any of its processes start anyway?

No, if you install X, but leave the default runlevel at 3 (this is the default for Slackware), none of X Window's services will start. You'll have to log in and run startx to run X.

Ok, I think I'll do a fresh install of Slack on my box to get rid of what I don't need, wish there was an install option like on some distros for if you want to create a gateway/server so you don't have to look thru packages.

Ok so I've got Slack 9.1 installed on the box, how should I first go about making it a gateway to my main box ie a cross over cable?

Possibly a silly Q but do you need to route traffic to/from the internet or are you only wanting to allow web stuff out? If this is the case, then you could just use squid and not have to worry too much about forwarding. A tought anyway

Traffic from the whole internet.
I've got IP Masq going now but its still not working, I don't think eth1 is setup correctly because when I do an ifconfig I only get eth0 and lo. I can see it if I do an ifconfig -a but it doesn't show an address or mask or anything just the card itself so that would be concerning iptables I think but I have no experiance with that.

I can ping 192.168.1.2 from the gateway but can't ping 192.169.1.1 from the cliet behind it. I'm smashing my head against the wall here, I dunno what I'm doing wrong, it SHOULD work.

If you are just trying to use it as a gateway/router to just route internet for your LAN all you need to do is set iptables to NAT/MASQUARDE so that your LAN can get internet traffic. You'll then want to echo 1 > /proc/sys/net/ipv4/ip_forward . After doing that you'll want to set up your device's IP/SUB. You can use ifconfig for this..now you should pretty much have everything ready (Just check your route'n table to be sure that it's routing correctly to the right devices).

As for it being slackware I'm not really to sure how to set it to defaulty get the IP and such since I'm used to distros with /etc/sysconfig/network-scripts. However I do believe there is a file somewhere in the rc scripts to configure your network. If you cannot figure this you can just simply put all the commands you need to do in rc.local to run at boot time.

"If you are just trying to use it as a gateway/router to just route internet for your LAN all you need to do is set iptables to NAT/MASQUARDE so that your LAN can get internet traffic. "

How can I do this?

Get Firestarter at linuxpackages.net . I set up my gateway/router and firewall with this easy tool. Really good tool.

http://www.linuxpackages.net

It's marked as a 9.0 package but it's compatible with 9.1 (as I'm using it you can trust that)

Hope it helps.

I'm not really familiar with gnome, haven't been able to get it to even connect to the net so I'll probably stick to KDE, that firewall front end looks like its what I need though, too bad its not for KDE

Well first even if it is a GNOME type app (GTK) you can still run it in KDE as long as you have GTK installed properly.

Secondly, as to answer your question; you can go to http://www.netfilter.org/ and you can read the docs on how to properly setup up iptables for your network (I would strongly recommond reading the tutorials first and then the HOWTOs). There is also a list of iptable scripts at one of the links there...you'll have to look. I'd suggest you using them if you don't want to write your own (you'll have to edit them).

Just for reference I'm going to give you a few commands to get you started...I'm going to put # infront of comments. This way you can copy this into a file and load it to see how it works. WARNING: this is NOT to just be used as your firewall...this is not secure -- it's only a couple lines for masquarding and such for REFRENCE

This basically just cleans out the iptables in there right now and sets 'em up. This should be done before re-writing the rules (otherwise old rules will get in the way).....or you can use the -D to delete specific rules. I find commenting out the rules I don't want and then re-running this to be easier =).

This turns on ip_forwarding to allow the computer to be used as a router. The other you don't have to be too worried about honestly. It _should_ work either way. However if you are having problems try setting it to either 1 or 0 and test. Be sure to re-run the scipt each time and restart network service.

Okay, and here is the ip routing command.
NOTE: This is for a internet connection on ppp0 ...if you have broadband or such you'll more than likely want to change this to either eth0 or eth1 depending (the -o represents OUTGOING interface). Also this is for masquarding. if you have a static IP then you'll probably just want to use NAT instead. The tutorials/HOWTOs will explain that in detail.

Alright if you want to play around with iptables I might as well send you this command. This one will block SYN (computers trying to connect to you) however will allow ACK in which will allow computers you request to connect to you.

Hey! I don't use GNOME at all! I'm running it through KDE and it's really smooth. Actually you just need it to get you firewall up, then you can turn it off. Take a look at the preferences window "start firewall on program startup " and "stop firewall on program exit"
select the first one and turn the second off. Just open firestarter and close it. Your firewall will be up and running, although it is running really smoothly here under KDE.