A good start for a gateway box

A good start for a gateway box

This article outlines an install I did for a friend who had a DSL connection.

If you
are using a ppp connection (i.e. a dial up connection) then perhaps ppp is all you need.
  See Installing PPP – alias for more information.  
However, ipnat will give you more flexibility and allow you to redirect ports to
internal machines and choose the port ranges for NAT.  My understanding is that ppp
wont give you the full forwarding that ipnat will.

ppp does have a limited number of filtering rules available and that should be
sufficient to protect a workstation.  But my personal view is that if you have a
network at home, ipnat will give you more than the alias option of ppp.  I
would also recommend using ipf to protect that network.


I know the guy who runs the http://www.currency.co.nz
He recently had a cable modem installed at his home and he wanted me to help him install
and configure his gateway.   We started about 6:30pm tonight.  The hardest bit
was getting the network cards going.  At first ed0 was timing out, but we eventually
found the correct IRQ and base address.

As with all of my installs, I prefer to select
the minimal distribution.  If it fails, you haven’t wasted as much time.  At
least you find out sooner and can take corrective action.  And try again.

Post Install

This article assumes you already have FreeBSD installed.  See topics.php#install for information on intalls.

installing the base system, we did the following:

How long did it take?

We started at about 6:30 and I left about 11:15.  Given that we stopped to have
dinner, I’d say we spent about 4 or 4.5 hours on this.  I imagine the hardware took
us about an hour to sort out.  We were also running a 486. A newer box would have
compiled the ports much faster.  It was also a slow disk.  We installed the
ports from a slow CD-ROM.  To be fair, we did do an FTP install.  That took
quite a while.

I figure we might have been able to do all this in three hours with a
faster box and connection.  If you had the tarballs on a local FTP server, that would
have helped a bit.  That would have saved further download time.

A good start

The above represents a good firm foundation for your box.  There are more
configurations items such making the box more secure, but those items are left for another
article.  I’m ready for bed.  It’s 4:13am.

Leave a Comment

Scroll to Top