Use puppy as a firewall + gateway/bridge?

Using applications, configuring, problems
Post Reply
Message
Author
Anna Merikin
Posts: 7
Joined: Tue 21 Jun 2005, 03:41

Use puppy as a firewall + gateway/bridge?

#1 Post by Anna Merikin »

I was just playing with the puppy a few minutes ago, and ran across a script to configure firewalling (/tmp/rc.firewall) and in the comments there appears to be an option to use puppy as a firewall plus gateway/bridge -- a router with three NICs, one connected to the DSL modem for internet sharing, one out for internet sharing and the third bridged and promiscuous on another subnet allowing filesharing and other functions as well.

Is this so? Can someone give me a clue on what software needs to be installed (if any) and a point in the right direction in configuring morizot or whatever program this file belongs to?

GuestToo
Puppy Master
Posts: 4083
Joined: Wed 04 May 2005, 18:11

#2 Post by GuestToo »

the "morizot" firewall in Puppy is a slightly modified version of a firewall i created using the program here:

http://easyfwgen.morizot.net/gen/

you can build a custom firewall on that website
for example, it has an option for:
Single System or Private Network Gateway?
Single System
Gateway/Firewall

the script produced needs to be slightly modified to work properly with Puppy

you need to change the path to iptables

you should set SYSCTL="" because Puppy does not have sysctl

i don't think tcp_syncookies is enabled in the kernel ... you will get an error message if you do not change the line that tries to set it (but the rest of the script will work ok)

the latest version of the firewall uses something that Puppy does not have, and will give you an error message ... i do not know if the latest version of the firewall works properly in Puppy or not ... the older version that Puppy has seems to work ok (there are older versions of the firewall generator available on the website)

i think all you need to setup a firewall/gateway is a set of rules for iptables ... if you know what you are doing, you can write them yourself, or there are many scripts available

Guest

#3 Post by Guest »

To use as a bridge you will also need to compile and install bridge-utils. And grab the additional modules that have the bridge module as well as I don't think this contained in the standard supplied modules. Another thing too, firewalling packets that go between the brigded interfaces is quite a complex subject and requires additional software.

Post Reply