Making a router from a Linux machine

iceman_to_the_max_at_yahoo.com
Date: 02/28/05


Date: 28 Feb 2005 09:02:29 -0800

I have a Debian Linux on one machine which has 2 Ethernet cards. I want
to make this machine my firewall. eth0 is connected to one small
network of about 15 computers, while eth1 is connected to another
"network" of 1 computer. I want to make my Linux machine filter
everything I want and let everything I need. However, many days working
with iptables just didn't help - I still don't have a solution. My
current solution is to use simple Ethernet bridging, which is a
"goodbye to firewall". I have tried everything reasonable from the
iptables documentation provided. I also searched the Internet,
including these Groups. I used to make it work well in one direction,
but not vice-versa. I also am concerned if the iptables is enough,
since many things work on the lower level (ARP, RARP, DNS and many
other protocols use the OSI Layer 2 or TCP/IP network layer to provide
their services).

Since I have tried "everything" and it didn't work, the only reasonable
answer to this might be a complete configuration. If anyone has a
sample configuration which is analogous to the above, please post here
or send me a complete process of how to do this. I think no further
explanation would be necessary of the given solution, the only thing I
want is it to work. Maybe this is too much to ask, but that seems the
only solution.

In short, I need no masquerading, but I need to translate all eth0
addresses to eth1 and vice versa. I still want my firewall to be
functional as a workstation or a server and a part of any network,
preferably one of eth0.


