[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Build A Slackware Router (Quick and Dirty Instructions)

On many occasions, I've needed a simple router that can do more [sub-netting] than your standard SOHO router but didn't need the complexity of something like pfSense. If you need a simple small router, a Raspberry Pi (with USB network adapters) + SlackwareARM (http://sarpi.fatdog.eu) works great. Regular Slackware on cheap x86 hardware works great also!

How to do it

1) Install Slackware/SlackwareARM and make sure you have at least TWO network interfaces. For our examples:

  • ETH0 will be the WAN NIC
  • ETH1 & WLAN0 will be the LAN

2) Setup the WAN network interface as DHCP [client] or STATIC IP (as needed) and the LAN(s) as static IPs. (We'll address setting up a DHCP server on the LAN further down).

3) Enable IP FORWARDING:

 sudo chmod 755 /etc/rc.d/rc.ip_forwarding

NOTE: I've had this not work in the past. What ALWAYS works is:

vi /etc/rc.d/rc.firewall

ADD:

echo 1 > /proc/sys/net/ipv4/ip_forward

4) Enable masquerading:

vi /etc/rc.d/rc.firewall

ADD:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

If you reboot at this point, you'll have a very basic working router.

Adding niceties

DHCP server on the LANs

You can set up DHCPD (included in Slackware) but using DNSMasq is SOOOOO much easier:

vi /etc/dnsmasq.conf

ADD/CHANGE:

port=0
interface=wlan0
interface=eth1
dhcp-range=10.3.2.0,10.3.2.254,12h
dhcp-option=6,8.8.8.8.8.8.4.4

WHERE:
port=0 disables DNS function and only allows DHCPD.
interface specifies which interfaces to listen to for DHCP requests.
dhcp-range specifies the DNS range start IP and end IP and the lease time.
dhcp-option=6,x.x.x.x specifies a DNS server IP to pass to connected clients.

Then enable DNSMasq:

chmod 755 /etc/rc.d/rc.dnsmasq

Firewall tricks

So much you can do here. Do a web search on iptable rules.

One useful rule is- DISABLE SMB/NETBIOS requests through the router:

iptables -A INPUT -p udp --destination-port 130:145 -i eth0 -j DROP

Sources

 howtos:misc:slackware_router_-_quick_and_dirty ()