twitter |   ||  email | PGP --> harshal @ harshdevx.com

r00tst1llsabout m3

ubuntu as your gateway

i can't thanks linux enough. a year back around same time i was struggling with what to use as my firewall. i did alot of experimentation with routers installed dd-wrt/openwrt/tomato actually fried two routers. finally settled with a $80 refurbished desktop from hp (sff) and converted into firewall. so this tutorial is about how to make a firewall spending as little money as possible. many of us have a spare machine old one thats lying around and sometimes we basically throw it because its too slow running windows on. my advise don't throw. what i did was i got this machine installed a $20 gbps nic (network interface card) and installed ubuntu 14.04 server (i went with a mini iso). i will not cover how to install ubuntu server on a machine as there are plenty of tutorials and you can basically get this running within like 20 mins. there are plenty of tutorials available on firewalls as well. i just thought of covering them here was because at one time i was too scared with iptables. but after working with iptables for a year now i can say i am doing ok. this tutorial will get you started with your home firewall.

step 1: get the ubuntu 14.04/16.04 installed. now you can go with any of the distro you like ubuntu is my choice just to make few things easy.
step 2: when it comes to firewall install only required software. i personally would not like a firewall to have gui, music player, browser etc. therefore my choice is ubuntu mini iso. install as you need (need to do basis)
step 3: hardware requirements: an additional network interface card. why? one will be our WAN interface and other will be LAN interface.
step 4: one important thing to note is that these days isp`s ship devices that are capable of wifi/modem together. i don;t like them. basically i prefer to have my own router. so what i do is get into the device and turn their routing functionality off. the device becomes dumb modem. what its supposed to do basically.
step 5: so lets take inventory of what we have so far. we have a machine with 2 nics. a router/mdoem from isp that we converted into a modem. our own home router that will have the functionality of "just the router".
step 6: so far so good. next step is to create a file called fwall. on your prompt elevate your privilege to root. you can do that by typing "su -" and the password for the root.

mkdir /admin

mkdir /admin/scripts

touch /admin/scripts/fwall

chmod +x /admin/scripts/fwall <-- this basically makes the file executable

next we will write some code. this code will basically ensure that data from your LAN interface is sent to the WAN interface of firewall and vice versa. to download the code below click me and save as .sh. do not forget to make it executable.

once we are through with our firewall we will have to configure the router to pass the traffic from our LAN to the firewall.


concept and design: harshdevX