A good start for a gateway box
This article outlines an install I did for a friend who had a DSL connection.
If you are using a ppp connection (i.e. a dial-up connection) then perhaps ppp is all you need. See Installing PPP – alias for more information. However, ipnat will give you more flexibility and allow you to redirect ports to internal machines and choose the port ranges for NAT. My understanding is that ppp won't give you the full forwarding that ipnat will.
ppp does have a limited number of filtering rules available and that should be sufficient to protect a workstation. But my personal view is that if you have a network at home, ipnat will give you more than the alias option of ppp. I would also recommend using ipf to protect that network.
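
To make the ipnat features mentioned above concrete, here is an added example (not the configuration from this install) of ipnat rules that choose the NAT port range and redirect one port inward, together with matching ipf rules. The use of ed0 as the external interface, the 192.168.1.0/24 LAN, the host 192.168.1.10 and the port range are all assumptions.

```conf
# ---- /etc/ipnat.rules (usual FreeBSD location; all values are constructed) ----
# Assumptions: ed0 faces the ISP, the LAN is 192.168.1.0/24,
# and 192.168.1.10 is an internal web server.

# Redirect inbound TCP port 80 on the external interface to the internal host.
rdr ed0 0.0.0.0/0 port 80 -> 192.168.1.10 port 80 tcp

# NAT outbound TCP/UDP from the LAN and choose the source-port range used.
map ed0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000

# NAT everything else from the LAN (e.g. ICMP), which has no ports to map.
map ed0 192.168.1.0/24 -> 0/32

# ---- /etc/ipf.rules (usual FreeBSD location) ----
# Inbound packets are translated by ipnat before ipf filters them, so the
# rule for the redirect names the internal address, not the public one.

# Default: drop anything arriving from outside unless a later rule passes it.
block in on ed0 all
# Allow new connections to the redirected web server only, and keep state.
pass in quick on ed0 proto tcp from any to 192.168.1.10/32 port = 80 flags S keep state

# Let the LAN and the gateway open connections outward; replies are
# admitted through the state table rather than by a broad "pass in".
block out on ed0 all
pass out quick on ed0 proto tcp from any to any flags S keep state
pass out quick on ed0 proto udp from any to any keep state
pass out quick on ed0 proto icmp from any to any keep state
```

The rules can be loaded with `ipnat -CF -f /etc/ipnat.rules` and `ipf -Fa -f /etc/ipf.rules`.
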
http://www.currency.co.nz
I know the guy who runs http://www.currency.co.nz. He recently had a cable modem installed at his home and he wanted me to help him install and configure his gateway. We started about 6:30pm tonight. The hardest bit was getting the network cards going. At first ed0 was timing out, but we eventually found the correct IRQ and base address.
As with all of my installs, I prefer to select the minimal distribution. If it fails, you haven’t wasted as much time. At least you find out sooner and can take corrective action. And try again.
Post Install
This article assumes you already have FreeBSD installed. See topics.php#install for information on installs.
After installing the base system, we did the following:
- installed All the ports
- installed the kernel source
- installed apache
- installed lynx
- installed ssh
- installed bash
- installed cucipop
- installed ipnat and configured it
- installed IP Filter
- installed the man pages
- configured sendmail to allow relay of trusted domains
How long did it take?
We started at about 6:30 and I left about 11:15. Given that we stopped to have dinner, I’d say we spent about 4 or 4.5 hours on this. I imagine the hardware took us about an hour to sort out. We were also running a 486. A newer box would have compiled the ports much faster. It was also a slow disk. We installed the ports from a slow CD-ROM. To be fair, we did do an FTP install. That took quite a while.
I figure we might have been able to do all this in three hours with a faster box and connection. If you had the tarballs on a local FTP server, that would have helped a bit. That would have saved further download time.