CentOS - Feb 2012 - How to setup a computer using CentOS6 as a firewall for the whole network in my place?

Hello
in one of the emails I sent earlier ; mark (m.roth at 5-cent.us) mentioned:
>     install linux on a computer with two ethernet cards.  connect eth0 to
>     your internet connection, and eth1 to your local network.   configure
>     iptables firewall rules in the linux system.  or install pfsense on
that
>     same computer.
Please if any one can help with more details and example for the 
configuration that would be awesome.

Thanks

On 02/23/2012 05:31 PM, Wuxi Ixuw wrote:
> Hello
> in one of the emails I sent earlier ; mark (m.roth at 5-cent.us) mentioned:
>
>>      install linux on a computer with two ethernet cards.  connect eth0
to
>>      your internet connection, and eth1 to your local network.  
configure
>>      iptables firewall rules in the linux system.  or install pfsense
on that
>>      same computer.
>
> Please if any one can help with more details and example for the
> configuration that would be awesome.
>
http://www.frozentux.net/documents/iptables-tutorial/

On 02/23/2012 11:31 PM, Wuxi Ixuw wrote:
> Hello
> in one of the emails I sent earlier ; mark (m.roth at 5-cent.us) mentioned:
>
>>      install linux on a computer with two ethernet cards.  connect eth0
to
>>      your internet connection, and eth1 to your local network.  
configure
>>      iptables firewall rules in the linux system.  or install pfsense
on that
>>      same computer.
>
> Please if any one can help with more details and example for the
> configuration that would be awesome.
>
> Thanks
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
I would use Shorewall instead of regular firewall. And there is Webmin 
module for Shorewall. If you protect Webmin properly (like only 
localhost access) it can help you greatly with simple configuration.

Shorewall even supports "tc", bandwidth shaping.

-- 

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant

Why does it have to be CentOS? If you want a wonderful router/firewall 
that you can have up and running in a few minutes, you should look at this:

www.pfsense.org

I quote from their website:

"pfSense is a free, open source customized distribution of FreeBSD 
<http://www.freebsd.org> tailored for use as a firewall and router. In 
addition to being a powerful, flexible firewalling and routing platform, 
it includes a long list of related features and a package system 
allowing further expandability without adding bloat and potential 
security vulnerabilities to the base distribution."


If you insist in using Linux instead, you could look at this:

www.ipcop.org

Once again, a distro specialized on the function it performs.

Why have a generic and bloated system that you then have to customize 
from scratch when such wonderful specialized projects already exist?

I use Linux servers and a pfsense firewall to protect the network. Works 
like a charm, with amazing stability and reliability.

On Thursday, February 23, 2012 07:37:08 PM Miguel Medalha
wrote:
> "I use Linux servers and a pfsense firewall to protect the network. 
> Works like a charm, with amazing stability and reliability."
pfsense for a newbie?

A CentOS-like firewall would be ClearOS (formerly Clarkconnect) and again would
reduce the number of simultaneously-learned layers to wade through.  While it
works very well, it is yet another layer and difference to learn, and when
learning is is really good to not overload the number of layers to learn at
once.  IMHO, YMMV, etc.

Since I have done cisco IOS stuff for a decade and a half, now, I'd
recommend Vyatta over pfsense, but, there again, it is yet another, different,
layer to learn that *will* overwhelm a newbie.