Linux box + Speedtouch Pro router: how to do firewall on Linux box

Post by Derek Le » Tue, 05 Feb 2002 03:14:52



Hi,

I bought the 4-port Speedtouch Pro ADSL modem/router.
It uses PPP to talk to my ISP. It is connected to my
Linux box via the Ethernet card. I will also connect a laptop
to the router, so that I will have a two-machine LAN.
(Cannot connect laptop to PC, as I have only one network card on the PC.)

The router works fine as a modem and an NAT box. But there is no firewalling on
the router as it does not seem to support port forwarding.

So, how to do firewalling?

In principle, I am thinking of:
(a) forwarding all network traffic to my PC
(b) setting up the PC as the default gateway for all other machines on the LAN,
     using iptables to do the port forwarding on the PC.

Would anyone know if this is possible with the Speedtouch Pro?

There is an option on the PPP setup of the router for an "Only Me"
connection, so that the router would allow only my PC to use its ADSL connection.
I am assuming that this achieves (a).

But would the router send all packets from my laptop via my PC, if I tell my
laptop (running Win98) that the default gateway is 10.0.0.1 (private address for
my PC)? I suppose I have to do something with the IP routing table on the router.
At the moment, the table is:

Destination           Source         Gateway         Intf
default               10.0.0.1/32    212.56.100.59   MYPPP
10.0.0.0/8            10.0.0.0/8     10.0.0.138      eth0
212.56.100.59/32      any            212.56.100.59   MYPPP
255.255.255.255/32    any            10.0.0.138      eth0
10.0.0.138/32         any            10.0.0.138      eth0

10.0.0.138 is the router
10.0.0.1 is the Linux box
212.56... is my ISP-assigned IP address for my connection

-Derek
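
The routing table quoted in the post has a Source column, so a lookup has to match the packet's source as well as its destination. The following is an added example, not part of the original post or of the router's firmware: it evaluates that table for the PC and for a laptop. It assumes the router picks the route with the longest destination prefix, then the longest source prefix; the laptop address 10.0.0.2 and the remote address 198.51.100.7 are constructed.

```python
import ipaddress

# Routing table copied from the post: (destination, source, gateway, interface).
# "default" and "any" are written here as 0.0.0.0/0.
ROUTES = [
    ("0.0.0.0/0",          "10.0.0.1/32", "212.56.100.59", "MYPPP"),
    ("10.0.0.0/8",         "10.0.0.0/8",  "10.0.0.138",    "eth0"),
    ("212.56.100.59/32",   "0.0.0.0/0",   "212.56.100.59", "MYPPP"),
    ("255.255.255.255/32", "0.0.0.0/0",   "10.0.0.138",    "eth0"),
    ("10.0.0.138/32",      "0.0.0.0/0",   "10.0.0.138",    "eth0"),
]


def lookup(src, dst, routes=ROUTES):
    """Return (gateway, interface) for the most specific route whose
    destination AND source prefixes both match, or None if none does.

    Assumed semantics (not taken from the router documentation):
    longest destination prefix wins, ties broken by longest source prefix.
    """
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    best = None
    for dest_net, src_net, gateway, intf in routes:
        d = ipaddress.ip_network(dest_net)
        s = ipaddress.ip_network(src_net)
        if dst_ip in d and src_ip in s:
            key = (d.prefixlen, s.prefixlen)
            if best is None or key > best[0]:
                best = (key, (gateway, intf))
    return best[1] if best else None


if __name__ == "__main__":
    PC = "10.0.0.1"            # Linux box, from the post
    LAPTOP = "10.0.0.2"        # constructed address for the Win98 laptop
    REMOTE = "198.51.100.7"    # constructed Internet destination
    for name, src in (("PC", PC), ("laptop", LAPTOP)):
        print(f"{name:6} -> {REMOTE}: {lookup(src, REMOTE)}")
        print(f"{name:6} -> {PC}: {lookup(src, PC)}")
```

Under that assumption the default route applies only to packets whose source is 10.0.0.1, so laptop traffic has no route to the PPP link unless it leaves with the PC's address.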