I'm new to the raspberry-scene and I have some interesting ideas.
I'm not only new to the rasp-pi scene, but also relatively new to Linux, so I may ask some dumb questions...
I don't know exactly how complicated this is, but I think it is achievable - even for a noob like me. (I've been building all my PCs from scratch since I was 14 (I'm 23 now) and I have a basic knowledge about how things work (I mean, I'm not a typical Windows user))
I want my Pi as a firewall and a router and I have instructions for both.
I don't know whether I can make the Pi do both jobs at one time.
I only have one computer connected to my network all the time and from time to time my smartphone and one or two notebooks (so it's not a big network).
I think I know too little about Linux and how Linux works to be sure about this:
Can I simply run the firewall script parallel to the router? Let's say from I think step 4 of the instruction I found on the net
(http://www.instructables.com/id/Raspber ... l/?lang=de)
I also think that the instruction for the Pi-Router has some aspects which they have in common (http://qcktech.blogspot.de/2012_08_01_archive.html) I think I should be able to run these parallel, but what I don't get (and what's probably one of these dumb questions
Here's what I think: Step 11 of the firewall-instruction (http://www.instructables.com/id/Raspber ... l/?lang=de) could be enough to add to the router-instruction where it says

This way I'd have the security from the firewall-instruction and a (hopefully working) router.

For some additional security, let's add some more iptables rules:
This blocks access from RFC 1918 subnets on your internet (eth0) interface as well as ICMP (ping) packets and ssh connections.

sudo iptables -A INPUT -s 192.168.0.0/24 -i eth0 -j DROP
sudo iptables -A INPUT -s 10.0.0.0/8 -i eth0 -j DROP
sudo iptables -A INPUT -s 172.16.0.0/12 -i eth0 -j DROP
sudo iptables -A INPUT -s 224.0.0.0/4 -i eth0 -j DROP
sudo iptables -A INPUT -s 240.0.0.0/5 -i eth0 -j DROP
sudo iptables -A INPUT -s 127.0.0.0/8 -i eth0 -j DROP
sudo iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j DROP
sudo iptables -A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j DROP

Am I totally off the grid?
If so, do you have any ideas for achieving a router with a firewall using a single Pi?
And if so, I'd be glad if someone could give me a hint ...
If the tip is: Don't do it as your first project, don't dare to tell me
(edit/not part of the original post)
damn I just forgot to add the things about the anonymous thing:
I don't have a clue how to achieve this ... I don't want a thing like the OnionPi, which doesn't work the way it should ...
I think using a proxy for all my traffic would slow down my connection too much. Dunno whether there is an option to achieve this at all, if not ... well then I have to leave it out and go for the rest of my plan ...
best wishes and thanks in advance,
Kevin
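
Added example, not part of the original post or of either linked tutorial: a sketch of how the quoted INPUT rules and a router's NAT/forwarding rules sit side by side in one ruleset on a single Pi. The INPUT chain only filters packets addressed to the Pi itself, while routed traffic goes through FORWARD, so the two sets of rules do not collide. Assumptions: `wlan0` as the LAN interface name, the FORWARD policy of DROP, and the use of `iptables-restore` format are choices made for this example; `eth0` as the internet side and the eight INPUT rules come from the post.

```shell
#!/bin/sh
# Added example (not from the post or the linked tutorials).
# Prints one iptables-restore ruleset that makes a single Pi both NAT router
# and firewall. Nothing is applied; the function only writes text to stdout.

build_ruleset() {
    wan="$1"   # internet-facing interface (eth0 in the post)
    lan="$2"   # LAN-facing interface (assumed name, the post gives none)

    # The six source-address DROP rules quoted in the post, one per prefix.
    spoof_rules=$(for net in 192.168.0.0/24 10.0.0.0/8 172.16.0.0/12 \
                             224.0.0.0/4 240.0.0.0/5 127.0.0.0/8; do
        printf '%s\n' "-A INPUT -s $net -i $wan -j DROP"
    done)

    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Router: rewrite LAN source addresses to the WAN address of the Pi.
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Firewall: INPUT only sees packets addressed to the Pi itself.
$spoof_rules
-A INPUT -i $wan -p tcp -m tcp --dport 22 -j DROP
-A INPUT -i $wan -p icmp -m icmp --icmp-type 8 -j DROP
# Router: routed packets traverse FORWARD, so the INPUT rules never touch them.
# Assumed policy: LAN may open connections out, WAN may only send replies.
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Usage (needs root and net.ipv4.ip_forward=1 for routing to work):
#   build_ruleset eth0 wlan0 | sudo iptables-restore --test   # parse only
#   build_ruleset eth0 wlan0 | sudo iptables-restore          # apply
```

Without `--noflush`, `iptables-restore` replaces whatever is already loaded in the `nat` and `filter` tables, so run the `--test` form first.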