david wrote:
> At 07:43 AM 6/29/2015, you wrote:
>>James B. Byrne wrote:
>> > On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
>> > OS 6?
>> >>
>> >> Please note: I'm not criticizing, just curious about the argument
>> >> behind using a regular OS to do firewall-stuff.
>> >
>> > Maintenance.
>> >
>> > A consistent set of expectations does wonders for debugging odd-ball
>> > occurrences.  Why learn the idiosyncrasies of two distros when one
>> > suffices?  Just start with a minimal CentOS install on your
>> > router/gateway and add only the packages that you know that you need.
>> > Any critical omission will evidence itself in short order and can be
>> > added then; or the source of the need removed as circumstance
>> > warrants.
>>Yup. For, um, about a dozen years, I ran RH 7.1, 7.2, 7.3, and eventually
>>9 on an old box that was nothing but a firewall router. I was seriously
>>paranoid - no gcc or any development tools, no X, not much of anything.
>>To the best of my knowledge, we never had a break-in.
>>I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
>>impressed. I mean, it seems ok, but the project is run in what I can only
>>describe as "amateur", in the worst sense of the word. The several
>>official developers release a build, and you can choose which one of
>>whose; people on the mailing list have "favorite builds", which is not a
>>phrase I have *ever* heard used with an o/s before, and I'm afraid to
>>update, as some of their "documentation" is out of date, or wrong.
>>At some point, I may just get a PI, and run CentOS, or some
>>firewall/router distro, though that would mean not having WiFi for
>>guests.
>>        mark
> Mark
> The WiFi solution I use still uses a CentOS 6
> firewall/router/gateway, but one of my inside devices is a WiFi
> router.  Rather than doing double routing, I connect one of the
> WiFi's LAN connections via a switch to my Router via a switch,
> leaving the WiFi Router's WAN connection unused.  That way, my gateway
> (and not the WiFi router) is the DHCP server, and can enforce
> whatever firewall rules I want to apply.
> No need to give up your guest WiFi if you stick with a CentOS gateway.

Hmmm... that's a thought. On the other hand, for defence in depth, I'm
sort of leery about using my own system as a firewall. As I noted, on my
old firewall/router box, I had almost nothing. That's why I'm considering
a PI....