I am getting ready to build my first firewall, using Fedora Core 2. I have read a lot of tutorials, but all of them are for firewall with NAT enabled. What do I do if I don't need NAT. For example, I have a network with 50 Class B Ip's we use a default gateway supplied by our University and DHCP to distribute the IP's. So the only thing I really need to do is firewall my 50 IP's from the outside world while continuing to use our given IP's and gateway. Any thoughts on how to set this up would be appreciated.
Use Shorewall [1] and read the "Two-Interface Quick Guide". You may also want to take a look at my "Small Netserver HOWTO" [2] which is grossly incomplete yet may offer some useful hints. It'll be finished someday, but may get you started now.
[1] http://www.shorewall.net
[2] http://www.simpaticus.com/linux
Note that you may not *need* NAT but might want it anyway, as just one more layer of protection for your network. Just depends on how secure you want to try to be.
One more question, when connecting the outgoing NIC from the firewall to the rest of the network do I need to use a crossover cable or will I specify that the NIC is supposed to be outgoing in firewall configuration?
Computer-to-computer or switch-to-switch connections need a crossover cable; computer-to-switch connections need a normal/straight/standard cable. What you are putting through the connection does not affect cabling. You will, however, need to tell the firewall and the routing rules which connection goes where, etc. so traffic goes to the right place.
Cheers,
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx http://www.simpaticus.com
