[SATLUG] Home Network Configuration

Dylan Nelson cold2na at gmail.com
Fri Apr 23 21:52:50 CDT 2010


After talking with you guys and before moving everything around, it
might/should look a  little something like this?


On Thu, Apr 22, 2010 at 8:56 AM, David Kowis <dkowis at shlrm.org> wrote:

> On 4/21/2010 11:45 PM, Dylan Nelson wrote:
> > I want to do some home networking with building my own hardware firewall.
> I
> > want to run either openbsd, iptables (like ipfire), and need a linux
> server.
> > I need some serious practice on these kind of configurations. The
> problems
> > come in play with constant trial and error with the home network while my
> > wife is home and online. No kind of 'sorry honey, building a firewall.
> Oh,
> > oops about shutting the dvr connection off during Glee' is even
> > approachable. How can I build my own practice lab without really
> affecting
> > her network until I can expertly configure this setup. thanks in advance.
> Oh
> > here is all I got on hand:
> >
> >    - desktop with three nics (firewall)
> >    - 3 desktops (1 mac as multimedia pc)
> >    - 2 laptops
> >    - 2 smartphones
> >    - 1 ipod (wireless)
> >    - switch ( 8 port)
> >    - modem
> >    - router (Netgear g. might get n soon).
> >    - also, a soekris board in mail soon.
> >
>
> I've always been a big fan of shorewall. It's a scripted interface to
> iptables. The configuration scripts are easily copy-able between
> multiple machines and are isolated to /etc/shrorewall and
> /etc/shorewall6 (for ip6tables).
>
> It's got support for traffic shaping, which is wonderful. Linux traffic
> shaping was difficult for me to understand, and the shorewall setup
> helped alleviate that somewhat.
>
> I use an openwrt now after my original dell computer died (the harddrive
> has a nice groove in it.) I was able to make a few changes to interface
> names, and remove the ebtables specific stuff (because openwrt doesn't
> have ebtables support.) And then apply my existing shorewall
> configuration onto a completely different system and architecture.
> That's really nice.
>
> But as for a practice lab, you could use virtualbox even to test your
> firewall. Run it on your desktop, build the machine the way you want,
> and then you can test the ports being forwarded and such. You can use a
> second virtualbox machine attached to the firewall and simulate NAT and
> other such things to ensure it actually works.
>
> David
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> Powered by Rackspace (www.rackspace.com)
>


More information about the SATLUG mailing list