This is just some notes and links about how I set up the firewall and PPPoE on RHEL 7.
For firewalld, a very useful reference is: http://www.certdepot.net/rhel7-get-started-firewalld/ To enable IPv4 masquerading, see this mailing list posting.
For PPPoE, as always the ArchLinux wiki pages are the best.
For about 12 months I’ve been using the ASUS RT-N16 + OpenWRT as my gateway. But you know what? It sucks — I hate that it’s not a real Linux distro, that it’s difficult to upgrade, that it randomly reboots itself, that it only kinda manages IPv6, that it uses a half-assed packaging system, that I can’t run regular tools, and that it’s insecure.
And since I switched over to VDSL @ 80 Mbps which uses PPPoE (ie. no need for DSL terminated at the gateway), it’s time to switch to running a real distro on a real computer.
The first step is to choose a small form-factor PC, crucially with two ethernet ports. Unfortunately Intel still don’t sell NUCs with two ethernet ports. Also Intel NUCs are really expensive. So I’ve settled for a much cheaper alternative:
Total cost (including tax and delivery): £137.87
Note that I already have a spare 2.5″ SSD, but you would need to add the cost of a SATA HDD/SSD if you don’t have one already.
It’ll be interesting to see how fast the USB 3.0 ethernet adapter is in real life, because it’s the obvious weak spot. However I only need the router to be able to forward at 80 Mbps, and even a Celeron and a weak ethernet adapter surely should be able to handle that.