The Great gateway Train or how to gateway behind the gateway


Post by Harry Putna » Fri, 19 Apr 2002 15:16:15



OK, it's a silly subject line but does actually describe what I want to
do.

To summarize a little:

I'm too chicken to match wits with prospective hackers directly but I
still want to play around with firewalling and iptables.

For some time now, I've run a home network semi-safely guarded by a
hardware firewall/dslrouter.  A NETGEAR FN314.  Once I'd gone around
with NETGEAR tech people a few times I got it setup like I wanted, and
have had no problems.

I did this because I felt it was too labor intensive and time
consuming trying to keep up with security thru iptables firewall
rules, and devoting a full machine to it.  I'm not that good at it and
was constantly making foibles that could have had serious
repercussions.  This hardware solution sets there the size of a book,
no noise and quietly rejects all kinds of taps daily.

However, and here is the rub, now I want to tinker with iptables and
build up my knowledge of networking and security.  I want to do it
semi-safely ensconced behind this firewall.  In short, now I want to
tinker as opposed to having to have a real working firewall to take
care of.

So I'm thinking I could set it up so that one local network machine is
pointed at an experimental box as its gateway.   That box in turn is
pointed to the firewall as gateway.  So on the experimental box I
could mess with packets coming thru the firewall in  communication
with the one that is gatewayed thru the experimental machine.  It
would be like being exposed to the internet to some small degree.

It wouldn't really be the real McCoy but would be sort of similar.
Allowing a way to safely try things out (or at least more safely than
without a firewall)

So, to the punch line and why I posted here.  I wanted a general
outline of how to do this.  Not all the nitty gritty details, but a
general guideline.  I suspect/know there are people here to whom this
would be done in their sleep.  So I'm just asking for an off the top
of the head outline to follow.

My setup is 5 networked machines.. Two winX and 3 various linux and
FreeBSD.  All behind the NETGEAR firewall.  This is just a family
setup no commercial business involved.  DSL connected thru local ISP
and phone co.

The 3 unix variants are my personal machines, two are experimental
installations one is my main desktop.  One of the experimental ones is
a dual boot laptop running FreeBSD and win98.  The main desktop is
running redhat linux and has been for years. The second experimental
machine currently has Sun solaris 8 (intel), FreeBSD 4.5 and Debian
testing (woody) on it.
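
The chained-gateway layout described in this post, sketched as an added example that is not part of the original thread. It assumes the experimental box has a single NIC (hypothetical name `eth0`) on the same LAN as both the client and the NETGEAR, and uses a constructed client address; in that layout the box must masquerade the client and stop sending ICMP redirects, otherwise replies and later packets bypass it and the rules under test never see the traffic.

```shell
#!/bin/sh
# Added example: settings for the experimental "gateway behind the gateway".
# Assumed/constructed values: interface eth0, client 192.168.0.10.

# gen_sysctl IFACE -> kernel settings in sysctl.conf syntax
gen_sysctl() {
    iface=$1
    cat <<EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.$iface.send_redirects = 0
EOF
}

# gen_ruleset IFACE CLIENT_IP -> ruleset in iptables-restore syntax
gen_ruleset() {
    iface=$1
    client=$2
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Rewrite the client's source address so the router answers this box,
# not the client directly; replies then pass back through FORWARD.
-A POSTROUTING -s $client -o $iface -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Default-deny forwarding: allow replies, then new flows from the one client.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s $client -i $iface -o $iface -m state --state NEW -j ACCEPT
# Log whatever reaches the end of the chain before the DROP policy applies.
-A FORWARD -j LOG --log-prefix "lab-fwd-drop: "
COMMIT
EOF
}

# Print both when called as: script IFACE CLIENT_IP
if [ $# -eq 2 ]; then
    gen_sysctl "$1"
    gen_ruleset "$1" "$2"
fi
```

The ruleset text is meant to be loaded with `iptables-restore` as root on the experimental box, and the client's default gateway then set to that box's LAN address.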

 
 
 


Post by David Har » Fri, 19 Apr 2002 17:40:25



> OK, it's a silly subject line but does actually describe what I want to
> do.

> To summarize a little:

> I'm too chicken to match wits with prospective hackers directly but I
> still want to play around with firewalling and iptables.

[snip]

> However, and here is the rub, now I want to tinker with iptables and
> build up my knowledge of networking and security.  I want to do it
> semi-safely ensconced behind this firewall.  In short, now I want to
> tinker as opposed to having to have a real working firewall to take
> care of.

[snip]

User Mode Linux at http://user-mode-linux.sourceforge.net/ may help you
do what you want.  It enables you to set up a virtual machine (or a
virtual network of machines) running on a 'real' linux box.  Great for
experimenting with apps and configs.

--
David Hart


 
 
 
