“This article presents a way to convert any spare machine
you have into a useful security gateway for your network, utilizing
Network Address Translation (NAT), and the firewalling features
present in Linux. This article will assume you have already
read and applied the techniques discussed in the Installation and
Securing Linux articles in the Linux Focus Area here on
SecurityFocus.com.”
“Some basic issues need to be addressed. This is not an ordinary
host, and should not be seen that way. This host should be
exclusively used for firewalling and NAT, and nothing else. This
means that you should not run other services. Also, if you are
going to redirect some service to an inside machine, make sure the
service is not susceptible to known vulnerabilities, and that you
keep up to date with patches. Failure to do this can render your
firewall useless.”
“The latest versions of the Linux kernel are not necessarily the
most stable and reliable versions that have been made available. If
your machine does not need the latest drivers, download and install
a reliable, stable, well tested kernel; kernel 2.0.38 is known to
be all three. You should enable IP Forwarding, IP Masquerading, IP
Firewalling, IP Transparent Proxying and IP Routing. If you are
having trouble compiling this kernel, take a look at
http://www.suse.de/~florian/kernel+egcs.html. This site has a patch
for compiling this kernel with egcs.”
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.