[CentOS] CentOS as a router

Paul Heinlein heinlein at madboa.com
Fri Aug 7 16:27:22 UTC 2009

On Fri, 7 Aug 2009, James B. Byrne wrote:

> I am setting up a small CentOS-5.3 host to act as a router.  I have 
> the device configured and working.  What I am trying to accomplish 
> now is configuring the firewall so as to protect both the router and 
> the LAN. [....]

In the past, I'd have tried to craft the iptables rules by hand. Now, 
older and lazier, I rely on shorewall.

Shorewall generally produces pretty good rules. You can "compile" your 
logic to iptables rules without implementing them, so you could use 
shorewall to generate a set of rules that essentially do what you 
want, look them over, and then revise/implement the ones you like.

Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/

More information about the CentOS mailing list