Home Firewall
Small Network Firewall Project

What?
The following is documentation of my project to build a better small network firewall. If you aren't interested in networking, computers, TCP/IP and related subjects, you might want to quit reading now.

In the beginning, there were computers. Lots of computers, all of them in my house, and all of them networked through both Cat5e/Cat6 cable and wireless (802.11b/g) connections. I used the ubiquitous Linksys broadband router as a firewall and liked it, sort of. Having set up and administered numerous corporate firewalls, I knew that I could build something better, but somehow never got around to it. Until now.

So what is a firewall? Let's start with what it's not. It's not absolute, magic-bullet protection from the Internet. No matter what advertising you've seen or what silly computer magazine you've been reading, a firewall does not protect you against all the bad things that can get on your computer and seriously hinder your ability to download porn. Why doesn't it protect your machine against all these terrible things? Because you, unwittingly or not, can invite viruses, trojans, spyware and other nasties in by installing software from the internet, clicking on ads, or through email. When you invite these things onto your computer, you override the firewall.

So why have a firewall at all? Because it's one more layer of protection. Before you go off buying every network security product on the market, you need to evaluate how many levels of protection you need. For my household, full of IT professionals, a firewall, frequent patching and some decent anti-virus software are enough. It keeps out things like worms, script kiddies, sloppy hackers, and other deviants intent on getting access to my vast collection of MP3s. At the same time, I would like to be able to get into my home network remotely in case I need something, so the firewall also serves that purpose: keeping bad things out while letting good things in.

Enough ranting on simplified firewall theory, let's get down to building one.

Why?
Besides basic firewalling, I wanted to allow limited service access to my home computers for selective FTP and SSH
as well as get some acceleration of my broadband connection through caching DNS and any other means possible.
Also, I just wanted to tinker with something, because that's how I am.