[NTLUG:Discuss] Internet Connection Sharing presentation

[terry]

     Testing routers is another use for this experimental method of ICS
that I demonstrated and it is the reason I did it on this laptop in the
first place.  I have deployed a couple of used routers lately and have
ordered them on online from eBay.  When the second one arrived in the mail,
I decided to just test it with my laptop but wanted to test completely and
verify that I was for sure getting the internet connection working properly
and that everything would perform as expected.  I googled ICS for my
distribution and quickly found information that made it easy.
    <digress>I should also add that I've done this before;  I used a
computer as a router for somewhere in the neighborhood of 3 or 4 years. I
used IPcop 13 or 14 years ago. (IPcop is a Linux firewall distribution.)
   </digress>; So about a month and a half ago I tested a router with my
laptop and then another about 3 weeks ago.  I wanted to make sure that when
I arrived [on-site] with the router, the setup time would be minimal.
After having tested the router and selected all the necessary settings, it
was simply a plug-and-play operation on-site.  (I have helped a couple of
friends set up fixed-wireless in their homes and am about to do another one
in a week or two and as you might imagine, almost everyone wants WiFi in
their homes nowadays.) So for me, testing routers has become my current
implementation for ICS on the laptop and I find it quite handy.  I can set
the router up connected to my laptop and test the new WiFi connection with
my phone or another laptop.

---

On Sun, Jul 16, 2017 at 12:43 PM, terry <trryhend at gmail.com> wrote:

> See notes and comments online at: http://fwlug.org/index.php?
> option=com_content&view=category&layout=blog&id=7&Itemid=17
> If you have any questions, fire a way, I'll do the best I can....  Here is
> a stab at one...
>
> I was asked the question; “Why would I be interested in letting a PC do
> router functions?” to which I did not give an adequate response. The short
> answer is that not everyone will be interested and possibly most will leave
> all such things to a router and that router might just have all the options
> we need, but there is always the chance that some of us will find a router
> lacking in some areas and may want to transfer some, if not all, router
> functions to a PC. Whether it’s a small low power machine such as a
> Raspberry PI, or an old laptop, or maybe even the desktop PC we use for
> normal day to day tasks, everyone’s wants / needs vary to one degree or
> another.
>
> There are router / firewall distributions that make all this a bit easier
> such as iPcop, Smothwall, SME Service, pfSense, IPFire, Endian [just to
> name a few]. There will always be some of us that prefer the learning
> experience of a roll-your-own approach. I suppose the main reason someone
> would want to do this is simply; “Because I can”! But there are a few
> features we may not find fully supported in many off-the-shelf routers,
> such as policy-based routing, load balancing, traffic shaping / quality of
> service, multiple uplinks, uplink failover, demilitarized zone, intrusion
> detection / intrusion prevention, web ftp and E-Mail antivirus, antispam,
> and content filtering. It boils down to the rather attractive notion of
> having a full featured Router / Firewall that goes beyond what most routers
> will do. Now we may not need all the features I listed above but just one
> or two may be all it takes to spark this type of venture, (and the above
> list is not totally complete either, I’m sure I left some out).
> Just to be able to say, “I built my own”, may be all it takes.
>
> The main interest is the Firewall aspect and not just any old firewall but
> one that is fully customizable. Building a NAT Firewall puts lots of
> advanced routing features at our disposal.
>
> Let’s say we want to redirect port 25 mail server traffic to a mail server
> of our choosing and you want to block everyone except traffic from your own
> mail server from sending traffic out. Maybe you want to block outside
> access for a particular IP maybe even incoming and outgoing traffic for
> security purposes so that it’s only able to communicate within your LAN.
> Maybe you want to block an outside IP, or a range of outside IP’s. Maybe
> you want to block ping requests to one PC or another or to block incoming
> ping requests to all. Maybe you want to redirect a certain port to a
> non-standard one to some server you may have. Experimenting and learning
> iptables and network address translation can be interesting.
>
> Building your own router may just be an experiment or sort of a hobby,
> [just for fun], but it may turn out to be useful in one way or another – in
> other words, it may turn out to have some practical aspects.
> I welcome any other questions or comments you may have....
> --
> In God we trust.
> <><
>



-- 
In God we trust.
<><