Here's a quick and dirty way to get a NAT/Masquerading iptables firewall working on your home network:

1. Download the script from http://www.linuxguruz.org/iptables/s...rewall_023.txt and (as root) save it as /etc/my_firewall.

2. Modify the following line in the script to suit your distro:

IPTABLES="/usr/sbin/iptables"

For example, in RH 7.3, iptables is located in /sbin/, not /usr/sbin.

While you're at it, add lines similar to the following (for RH 7.3):

IFCONFIG="/sbin/ifconfig"
ROUTE="/sbin/route"

to suit the actual location of those utilities in your distro.

3. Replace every instance after the above definitions of "ifconfig" and "route" with "$IFCONFIG" and "$ROUTE." Use something like kedit to do this automagically using the Replace function (Ctrl R).

4. Edit the default external and internal interfaces to suit your box, e.g.:

DEFAULT_EXTIF="eth0"
DEFAULT_INTIF="eth1"

5. Save the edited firewall.

6. Put a line in /etc/rc.local (create the file if it doesn't already exist) like so:

sh /etc/my_firewall start

7. Use ntsysv, chkconfig, or Webmin to edit the startup files so that ipchains is NOT loaded but iptables is. Ipchains will take precedence over iptables, which we don't want.

8. Reboot your box.

You should now have a functioning gateway/router box using iptables. Note that it is irrelevant whether the external NIC is static IP or DHCP. Mine is DHCP.

You can edit the other rules in my_firewall to suit your tastes once you get the hang of it.

Good luck and let me know how it went.