If I make my own Linux Router with Two NIC interfaces, do I have to enable NAT on that Router box?.

I want to make my own Linxu Router Box to protect my home office from
outside, the Router box had two NIC interfaces (One NIC interface to
cable modem and other interfcae to 8-port switch), do I have to enable
NAT eventhough my second interface is connecting to 8-port switch (all
local computers connected to switch for Internet access) and I have
only one public IP address through cable modem?. Thanks in advance.

I am enabling the Routing from standard RH distro, Is there any
firewall protection supported in RH Distro or any other distro?.

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ps.com...
>I want to make my own Linxu Router Box to protect my home office from
> outside, the Router box had two NIC interfaces (One NIC interface to
> cable modem and other interfcae to 8-port switch), do I have to enable
> NAT eventhough my second interface is connecting to 8-port switch (all
> local computers connected to switch for Internet access) and I have
> only one public IP address through cable modem?. Thanks in advance.
>
> I am enabling the Routing from standard RH distro, Is there any
> firewall protection supported in RH Distro or any other distro?.


Firewalls and NAT support is in Linux. One program that gives you an easy
GUI interface is firestarter. It makes it easy to setup routing and
firewalls by generating the scripts for you.

Randy

Of course, you have to. Whenever you have one public ip and want to
connect more than one machine to internet, you have to use NAT.

Probably you need some documentation to help you better understand NAT.
Try googling for NAT.
cheers,
Manu
----------
Manu Garg
http://manugarg.freezope.org

Unless you have publicly accessible hosts on the other side of the
firewall (and routes to make sure traffic gets to them), you either
need NAT or a proxy on the firewall for the systems behind the firewall
to do anything useful.

thornton

(E-Mail Removed) wrote:

> I want to make my own Linxu Router Box to protect my home office from
> outside, the Router box had two NIC interfaces (One NIC interface to
> cable modem and other interfcae to 8-port switch), do I have to enable
> NAT eventhough my second interface is connecting to 8-port switch (all
> local computers connected to switch for Internet access) and I have
> only one public IP address through cable modem?. Thanks in advance.
>
> I am enabling the Routing from standard RH distro, Is there any
> firewall protection supported in RH Distro or any other distro?.

If you have only one IP address from your ISP, you need NAT.

(E-Mail Removed) wrote:
> I want to make my own Linxu Router Box to protect my home office from
> outside, the Router box had two NIC interfaces (One NIC interface to
> cable modem and other interfcae to 8-port switch), do I have to enable
> NAT eventhough my second interface is connecting to 8-port switch (all
> local computers connected to switch for Internet access) and I have
> only one public IP address through cable modem?. Thanks in advance.
>
> I am enabling the Routing from standard RH distro, Is there any
> firewall protection supported in RH Distro or any other distro?.
>
If you have a static IP you use SNAT out the public side, otherwise you
use MASQ for DHCP or similar variable IPs. This is discussed in the man
page. You want a paranoid firewall, I start by setting my INPUT and
FORWARD policies to DROP and going from there.

If you roll your own don't forget you need to accept some ICMP like
network-unreachable and needs-fragmentation. I haven't used any
firewalls but my own enough to recommend one, although I know people who
are happy with astaro.

--
-bill davidsen ((E-Mail Removed))
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me