Over the last couple of years I’ve been fiddling with various ways of NAT’ing my internet connection at home. I’ve tried little firewall/router boxes from the likes of Netgear, Linksys and Thompson but I’ve always gone back to running iptables on my linux server so that I can firstly have more control and secondly, easily manage the firewall remotely.
Over the years I’ve crafted a set of iptables rules that I use and that work well for me but there’s always some headscratching when I fiddle with the NAT’ing side of things as it seems to be something that my brain has decided how it works isn’t important enough to retain!
About a week ago I had a disk go in my linux server. smartmon was reporting that the disk was running at 160 degrees centigrade so I’m not surprised it had given up the ghost! So after double checking the backups were all in place I pulled out all the various disks that I’d JBOD’d together and replaced them with a pair of hardware RAID mirrored Western Digital Caviar Green SATA disks. I went for the 750GB models rather than the 1TB disks as there’s still quite a premium between the two.
Instead of rolling my own iptables script I thought I’d have a nose around and see what people other people are using. I came across a couple of HOWTOs on the Ubuntu forums but to be honest the scripts weren’t that much better than what I already had. I was looking for something that would improve my situation rather than replace my problems with a new set!
That’s when I came across the arno-iptables-firewall package. I installed it and ran through the debconf questions thinking ‘ooo this is easy’. Tried a ping out from my desktop and.. bah. Didn’t work. So I tried a
dpkg-reconfigure -plow arno-iptables-firewall to see if there were debconf questions hidden below the normal threshold. It gave me a couple more questions including a couple about NAT. A quick restart of the firewall and bish bash bosh! It’s all done!
More information on Arno’s Firewall Scripts can be found here.