[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Stretch/Requirements" by WolfgangSchweer

Debian Wiki wiki at debian.org
Fri Feb 17 16:19:22 UTC 2017 

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.

The "DebianEdu/Documentation/Stretch/Requirements" page has been changed by WolfgangSchweer:
https://wiki.debian.org/DebianEdu/Documentation/Stretch/Requirements?action=diff&rev1=5&rev2=6

Comment:
add gateway/firewall information/recipe

  == Internet router ==
  A router/gateway, connected to the Internet on the external interface and running on the IP address 10.0.0.1 with netmask 255.0.0.0 on the internal interface, is needed to connect to the Internet.
  
+ A system with two network interfaces could be turned into a gateway if the Debian Edu 'Minimal' profile is installed.
+ 
+ After the installation:
+  * Adjust the /etc/network/interfaces file.
+  * Change the hostname permanently to 'gateway'.
+  * Enable IP forwarding and NAT for the 10.0.0.0/8 network.
+  * As an option install a firewall and / or a traffic shaping tool.
+ 
+ {{{
+  #!/bin/sh
+  # Turn a system with profile 'Minimal' into a gateway/firewall. 
+  #
+  sed -i 's/auto eth0/auto eth0 eth1/' /etc/network/interfaces
+  sed -i '/eth1/ s/dhcp/static/' /etc/network/interfaces
+  echo 'address 10.0.0.1' >> /etc/network/interfaces
+  echo 'netmask 255.0.0.0' >> /etc/network/interfaces
+  hostname -b gateway
+  hostname > /etc/hostname 
+  service networking stop
+  service networking start
+  sed -i 's#NAT=#NAT="10.0.0.0/8"#' /etc/default/enable-nat 
+  service enable-nat restart
+  # You might want a firewall (shorewall or ufw) and traffic shaping.
+  #apt update
+  #apt install shorewall
+  # or
+  #apt install ufw
+  #apt install wondershaper  
+ }}}
  The router should not run a DHCP server, it can run a DNS server, though this is not needed and will not be used.
  
  If you are looking for a router firewall solution capable of running on an old PC, we recommend [[http://www.ipcop.org|IPCop]] or [[http://www.zelow.no/floppyfw|floppyfw]].

More information about the debian-edu-commits mailing list