These instructions assume:
- This is a dedicated firewall performing no other activities other than blocking and routing.
- You have 2 network cards enabled and properly configured — one facing the public Internet, the other facing a private LAN using a non-routable IP range.
- eth0 = public internet
- eth1 = private LAN
- your existing IPTABLES rules are ordered correctly (i.e. Make sure you don’t have a default DROP rule above any of these that you’re going to create below).