by Carla Schroder

Practically Networked invites to join our new weekly series on how to build your own Linux-based network appliance [define]. If you’re a home or small business user with a shared Internet connection and some networked PCs, this is just what you need to secure your LAN with a powerful, flexible device that outperforms comparable commercial devices for a fraction of the cost, or even no cost at all. You’ll learn how to configure Internet-connection sharing and firewalls [define], and how to add useful services such as intrusion detection [define], HTTP caching, name services, file and print sharing, and network storage. It doesn’t matter what your LAN hosts are running, whether it’s Linux, Windows, Mac or something else — your Linux appliance will serve them all.

We’ll take you step-by-step through the entire process. You don’t need to be an ace Linux or networking guru. All you need is some experience with computers, and to not be afraid to roll up your sleeves and wade in. If you have an old PC lying around you won’t even have to spend any money. Best of all, you’ll understand its inner workings, so you’ll be able to customize it to serve your exact needs.

Why Linux?
You may be wondering why use Linux for this?

Because it’s the best tool for the job.

Linux is rock-solid and secure, and supports the widest range of hardware platforms of any operating system, so you may use whatever you like: Intel/AMD 32, Intel/AMD 64, Sparc, Apple, Alpha and many more. Linux scales nicely from home users to small business users to large enterprise users, so it grows as you grow. The value proposition for SOHO users is unbeatable — the software is either free of cost or affordably priced, and chances are you have old hardware lying around that can be recycled for all kinds of useful jobs. If your budget permits new hardware, you might check out some of the low-power, quiet, small form-factor computers like the Soekris boards and Mini-ITX.

Even better is the “free as in freedom” aspect. You won’t run afoul of the license police for making copies. You won’t be troubled with expensive server licenses, or the Byzantine silliness of per-user/per-seat/concurrent-user/client-access licenses piled on top of the expensive server licenses. Nobody is going force you into “voluntary” compliance audits that you have to pay for. You may even modify the source code, though be aware that if you choose to re-distribute it, you need to pay attention to the licensing terms. (See Resources for more information.)

Requirements
You’ll need two PCs — one connected to the Internet so you can download software and get help, and one to serve as your appliance. Your Internet PC should also have a CD or DVD-writer so you can burn your own Linux installation disks, but if you don’t have this you may order installation disks for a small price. Your appliance PC should meet these minimum requirements:

  • AMD K6, Pentium II or Celeron CPU
  • 64 megabytes of RAM
  • 10-gigabyte hard drive
  • CD or DVD-ROM
  • Two Ethernet cards, different brands that use different drivers

Some Linux users pride themselves on getting maximum mileage out of very old, feeble hardware, but be assured your geek cred won’t suffer from using more modern, powerful hardware. Newer machines perform better and aren’t as likely to keel over from exhaustion.

Road Map
We’ll start with a customized Linux installation to make sure you have exactly what you need. After that we’ll build a nice, solid iptables firewall, then continue with other border services. Then we’ll get into LAN services such as file and print serving, and storage and backups. Grab your hardhat and lunch pail, and come back next week to get started.

Resources