9/8/2010 11:42:33 PM 
Cyber Dog Tech Title Image
Title Image
 
Blue Arrow Work
 •Debian Firewall
    Tutorial
 •Projects
 •School [RPI]
 •Writing
 •Random
 
Green Arrow Personal
 •GPG Key
    [7070384A]
 •Paranormal
    Library
 •Memberships
 •BOINC Stats
 •Folding@Home
 
Red Arrow Misc
 •Old News
 •AIM Quote
    Locker
 •Driving in NC
 •Top 12
 •Archives
 
Purple Arrow Hosted
 •Pyro's Nook
 •Agents Point
    Archives
 
Yellow Arrow Contact
 •Feedback Form
 
Jinx Hackware
 
Valid XHTML 1.0!
Valid CSS!
Green ArrowGreen Arrow Debian Firewalls -- Interfaces Green ArrowGreen Arrow
 
    First, we have to configure our network interfaces. For the sake of this tutorial, we'll be using two ethernet interfaces. One is the internal interface, and connects to our LAN switch. The second interface is external and connects to our ISP (cable modem/DSL modem/etc).

   Your LAN can use any private IP address range. We'll be setting up PAT (Port Address Translation, also known as NAT - Network Address Translation) shortly. This will allow all the computers on our local network to use internal addresses. The firewall will automatically translate our internal address into the external address assigned by our ISP.

   Interfaces are configured in the /etc/network/interfaces configuration file. We'll be using the nano text editor throughout this tutorial. If you prefer another editor such as vi or emacs, feel free to use that instead. Open the networking configuration file in nano:

Firewall:~# nano -w /etc/network/interfaces

   Hopefully the interfaces file will already have your ISP interface preconfigured from setup. You'll also have a loopback interface (lo) which is normal. We'll assume for the rest of this tutorial that eth0 is the name of your ISP interface and eth1 is the name of your internal (LAN) interface. If you're not sure what your interfaces are named, run the ifconfig command from the command line...they should be listed.

   The actual configuration file is quite simple. Lets break it down:

auto eth0 - automatically start the interface when the system boots. You'll want this for any vital interfaces.

iface eth0 inet dhcp - declares that the eth0 interface should get its information from DHCP. This is what you'll want if you automatically get your IP Address from your ISP.

   Now we have to add or edit our internal interface, which will have the static IP address of 192.168.1.1:

auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0

   These entries tell the system to automatically start eth1 when the system boots, and use a static ip address of 192.168.1.1 for the interface.

   Once you've made the necessary changes, hit Ctrl+x to close nano, and save the file.

   Finally, it's good to know how to change interfaces between up and down state. To bring an interface online manually, use ifup [interface name]:

Firewall:~# ifup eth0

   To shut an interface down, use ifdown [interface name]:

Firewall:~# ifdown eth0

Configure the Interfaces

Alternative Alert! - Interfaces
Linux supports a very broad variety of network interfaces. It can run practically anything including ethernet, dialup, wireless, token ring, atm, and more. This will leave you the ability to get very creative with your network topology if you so choose. You can add any kind of connection you like, including in combinations that provide redundancy and multi-homing. For the sake of simplicity, this tutorial only covers a basic ethernet configuration.
 
Proceed to Step 5 - The Firewall
 
Copyright © 2006 Matt LaPlante. All rights reserved.
Page created in 0.0018 seconds.