SysAdmin: Build a Floppy Firewall

"Here's how I turned an unused PC into a packet-filtering firewall using a package called floppyfw . The firewall boots off a single floppy, runs completely in RAM, and uses ipchains for the filter rules. It also does IP masquerading, port forwarding, and can log to a remote host using syslog. All this in a machine with as little as 8 MB of RAM and no hard drive!"

"floppyfw's author, Thomas Lundquist, describes it as a Linux "screening router with firewall capabilities". It boots a Linux kernel and comes with a minimal set of tools to get the job done. If you think about it, that's actually a feature. If a bad guy were to get into your firewall machine somehow, there won't be much for him to use against you. And since we're running completely on a RAM disk, a simple reboot from the floppy will restore the system to its original state."

"As with many Linux projects, floppyfw has a do-it-yourself aspect. But I'll show you where I found a set of almost-ready-to-run filter rules, so you can quickly set up your own firewall."

Complete Story

Related Stories:

• Security Portal: Weekly Security Tools Digest 2000/11/17 to 2000/11/23(Nov 24, 2000)
• TheLinuxGurus.org: Building Linux and OpenBSD Firewalls [Book Review](Nov 18, 2000)
• Linux.com: Your "Old" 486 & LINUX(Sep 29, 2000)
• BSD Today: Setting up OpenBSD 2.7 as a cable NAT system(Jul 25, 2000)
• About.com: Routing for Linux(Jul 01, 2000)
• Linux Journal: Getting Small with Linux, Part 3(Apr 27, 2000)
• ZDNet: Linux Firewall On A 486: A Guard-Penguin For Your DSL Or Cable Modem... [Linux Router Proj.](Apr 04, 2000)
• VNU Net: Life in the old systems yet(Apr 04, 2000)
• VNU Net: Engineers turn retired PCs into Linux warriors(Feb 25, 2000)
• LinuxPR: muLinux V7r6 - minimalistic single floppy Linux distribution(Dec 31, 1999)
• Security Portal: OpenBSD - a secure alternative(Oct 27, 1999)