Connecting Linux to the internet, building a firewall, and enabling network address translation for a home LAN are frequent sources of questions. This FAQ describes basic Linux ethernet connection and home LAN configuration. Particular emphasis is placed on network security and firewall construction.

The examples are based on RedHat Linux 5.2 running on an Intel platform. A single LAN connected to an internal interface is assumed. Using a single machine without a LAN involves the same steps, without the references to your local net or masquerading and forwarding.

I chose to write this FAQ for two reasons:

1. All the necessary documentation is included in the online FAQs, HOWTOs and mini-HOWTOS, but there's a lot to wade through if you're starting from scratch.
2. Network security is an important issue for Linux users. Unlike the typical plug-and-play home system, an internet-connected Unix machine is in a high-risk situation. As inexpensive Unix systems become available, people are naturally attracted to them for one reason or another, people who would otherwise never have considered a Unix machine. Without some precautions, these people are going to get hurt in real short order (probably a matter of days, rather than weeks or months).

You'll find a few tips here about Linux setup in general, but only your internet connection and home LAN topics will be covered in any depth. Other configuration topics will be skipped entirely.