Building a NetFilter-based firewall is not difficult. End users interested in setting up their own NetFilter firewall can use the following brief checklist:
Step 1. Select a system to be used as the firewall.
Step 2. Install additional network interfaces (minimum number of required interfaces is two).
Step 3. Install at least the minimum recommended memory (preferably more if the firewall will be providing more than just filtering services).
Step 4. Select a Linux version to install (Debian, Fedora Core, Red Hat, Gentoo, and so on).
Step 5. Install the operating system.
Step 6. Configure the operating system (assign addresses to interfaces, either by using Dynamic Host Configuration Protocol [DHCP] or static assigned addresses).
Step 7. Define which services will be allowed through the firewall.
Step 8. Define which hosts will be translated by the firewall.
Step 9. Using the iptables utility, Firewall Builder, Firestarter, Webmin, or another utility, create the firewall filter ruleset.
Step 10. Apply the ruleset to the external interface (that is, the public interface) of the firewall.
Step 11. Test connectivity through the firewall.
Step 12. If desired, define what outbound traffic is to be filtered.
Step 13. Apply the outbound filter to the internal interface of the firewall.
Step 14. Retest connectivity through the firewall.
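
Steps 7 through 13 of the checklist as an added example, not taken from the original text: a shell function that prints a default-deny ruleset in `iptables-restore` format. The interface names, addresses and port lists are constructed assumptions standing in for the decisions made in Steps 7, 8 and 12.

```shell
#!/bin/sh
# Added example (not from the original page). Every value below is a
# constructed assumption; replace with the results of Steps 7, 8 and 12.
EXT_IF=eth0                # external (public) interface
INT_IF=eth1                # internal interface
INT_NET=192.168.1.0/24     # Step 8: hosts translated (source NAT)
SERVER=192.168.1.10        # internal host offering the inbound services
IN_TCP="80 443"            # Step 7: services allowed in from outside
OUT_TCP="53 80 443"        # Step 12: outbound traffic allowed
OUT_UDP="53 123"

# Print the ruleset in iptables-restore format; nothing is applied here.
build_ruleset() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    for p in $IN_TCP; do
        echo "-A PREROUTING -i $EXT_IF -p tcp --dport $p -j DNAT --to-destination $SERVER"
    done
    echo "-A POSTROUTING -s $INT_NET -o $EXT_IF -j MASQUERADE"
    echo "COMMIT"
    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default deny for the firewall itself
    echo ":FORWARD DROP [0:0]"    # default deny for traffic passing through
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Step 10: inbound filter, matched on the external interface.
    for p in $IN_TCP; do
        echo "-A FORWARD -i $EXT_IF -o $INT_IF -d $SERVER -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Step 13: outbound filter, matched on the internal interface.
    for p in $OUT_TCP; do
        echo "-A FORWARD -i $INT_IF -o $EXT_IF -s $INT_NET -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $OUT_UDP; do
        echo "-A FORWARD -i $INT_IF -o $EXT_IF -s $INT_NET -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset for review before loading it.
build_ruleset
```

To check the syntax without committing, run `build_ruleset | iptables-restore --test` as root, then drop `--test` to load it from the console. Forwarding between the interfaces also needs `sysctl -w net.ipv4.ip_forward=1`.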