Login  UNIX/Linux |
| |
| |
| | Thread Tools |
10-Jun-2004, 06:57 PM
#1 | |||||
 Using netfilter/iptables OK, I've finally figured out that I should netfilter/iptables to use my linux PC as a router (um... right?). The netfilter website says that it is usually included in modern kernels and has a ton of documentation, but I'm having a hard time understanding it; it all seems to fall either on one side (very abstract with metaphors and generalizations) or the other (chunks of code and commands without context) of the "documentation spectrum." For example, the section I just want masquerading! Help! (which is my position exactly). If anyone even sees simply where that stuff should go, it would be very helpful. I know I should probably figure this out myself but I've just been going in circles with it  Or if you're feeling in a particularly wonderful mood, how would I go about doing the following? I need to set up a linux PC with 3 network cards, one with IP assigned by DHCP which provides/accesses an internet connection and 2 connected to other PC's which need to access the connection. I don't need anything fancy at all, just the most basic system to get all 3 machines using the connection. Thanks in advance for any response! |
| |
10-Jun-2004, 07:44 PM
#3 | |||||
| Ok Squashman. Have I mentioned lately that I love you?  P.S. And I wish I could help with your question (I've never seen one from you before), but I don't use either of those systems  |
11-Jun-2004, 10:51 AM
#5 | |||||
| Oh yeah, thanks! I had considered that a while ago but it slipped my mind. "Running Linux, a 486 with 16megs of RAM, worth almost nothing, can outperform a dedicated firewall costing several thousand dollars." Sweet I'd still like to know how to use netfilter/iptables myself (I had intended to finally get Slackware running) but just the same this sounds perfect, I'll try SmoothWall, I think.EDIT: Smoothwall site's down right now, apparently... well, hopefull that's just temporary. I'll try back later. EDIT #2: Well, it's back up and I'm downloading the Smoothwall Express 2.0 ISO now. I know this is a highly specialized distro, but would it be possible to get other linux programs running on top of smoothwall, do you think? Non-GUI of course... Last edited by Dirk Gently : 11-Jun-2004 12:07 PM. |
11-Jun-2004, 02:10 PM
#6 | |||||
|
__________________ The slowest component still sits at the keyboard. |
11-Jun-2004, 06:32 PM
#7 | |||||
| Ah! Exactly! I understand now. That helps a lot. See, I was thinking those looked like commands, but the comments confused me (I mean, I'm not about to enter comments into a terminal, now am I? ) It's all... well, not quite crystal-clear, but much closer to it! One quick question, in that set of code, could I just change ppp0 to eth0 to get that to work? (Assuming at this point i just have eth0 and eth1)... I've never had anything "ppp" on linux with this connection before, just "eth". Well, either way I'm going to go fiddle around with it now Thanks again! |
11-Jun-2004, 07:18 PM
#8 | |||||
| Gah! Smoothwall it is then, I guess, for now. On knoppix I tried using the "ADSL/PPoE Configuration" program, even though my connection worked fine, because I could only see eth0. After that I could see eth0, eth1, and ppp0. Connection acted the same. what is ppp0, then? PPPoE confuses me Anyway, the commands didnt' seem to do anything, after trying them for eth0 and ppp0 both I got this:knoppix@ttyp1[knoppix]$ netstat -M netstat: no support for `ip_masquerade' on this system. I'm going to burn and run the smoothwall ISO and try that out, finally. I'm probably just screwing something simple up but that seems like the best path. Thanks again for all your help. |
11-Jun-2004, 09:04 PM
#9 | |||||
|
__________________ The slowest component still sits at the keyboard. |
11-Jun-2004, 10:27 PM
#10 | |||||
| Well, I tried both and got the same result (nothing). What I meant by 3 cards was that I need to get all 3 PC's online, so the router one needs one card to access the WAN (internet through DSL modem in this case) and 2 other cards to connect to the two other PC's. At this point I don't actually *have* the router one; my connection goes modem > PC1 > PC2 , so PC1 has 2 cards. I figured to get all of the up I'd need 3 cards (well really this means one integrated ethernet port and 2 ISA cards, but anyway) for the router, so: Code: modem --- router PC ---- other PC
|
`--------- other PC |
12-Jun-2004, 01:24 AM
#11 | |||||
|
__________________ The slowest component still sits at the keyboard. |
13-Jun-2004, 06:55 PM
#12 | |||||
| As usual, I'm definitely missing something  ... How can I use a single card to connect to the other 2? There is nothing involved here but 3 comptuers, NIC's inside them, and network cables (it's all ordinary wired ethernet by the way) EDIT: A little bit more clarification, they definitely are all on the same subnet, it is (it will be, that is, hopefully) and extremely simply set-up. And on another note, thanks for sticking with this for this long! |
13-Jun-2004, 08:04 PM
#13 | |||||
| OK, it's entirely possible I'm misunderstanding something fundamental (I specialize in spectacular mistakes!  ), but it seems as though what you want to do is to connect 2 workstations with a third workstation that will be functioning as a router, and all workstations are using the same type of connection and are on the same subnet. So let's back up a little (and my apologies if I've missed the obvious -- just let me know, and we'll go from there ...).For a moment, let's forget about having a router PC at all; let's just assume that you have a working network. How many cards are in each workstation on the network (again, assuming the configuration given above)? As far as I know, you need only one card in each workstation to communicate with any other workstation on the network (even those on other subnets, with proper routing) -- if this were not true, you would need to add a card to each workstation every time a new workstation was added to the network (which might be great for the hardware vendors, but hardly practical for most of us! ). Your router PC is (almost) no different -- it is a workstation on the local network, and so needs one card to communicate with all other workstations on the local network -- just like any of your other workstations that are not performing routing duties. As you point out (and quite correctly), the router PC also has to communicate with the outside world (i.e., the internet and your modem); this requires an additional card because your router PC must be able to forward outgoing requests from your LAN to the outside world, and to accept incoming data from the outside world and forward it to workstations on your LAN. The outside world is (usually) on another network. So let's stop there for the moment, just in case I've (already!) missed the obvious ( ). Please feel free to clarify/correct as needed.Hope this helps.
__________________ The slowest component still sits at the keyboard. |
13-Jun-2004, 08:27 PM
#14 | |||||
| Well, that all makes sense to me, except for one bit. Forgetting the router PC, like you said, there are two workstations. The one has 1 card and is the "end of the line" in any case. The other currently has two cards, one connected to the modem and one connected to the other PC. But assuming I'll have the configuration I want, you're right, those two will both only need one card each. The part I still don't understand Is how I could physically connect one computer (the eventual router one) to multiple others through a single card for the "LAN". |
| You Are Using:  |
Advertisements do not imply our endorsement of that product or service. All times are GMT -4. The time now is 01:13 PM. Copyright © 1996 - 2008 TechGuy, Inc. All rights reserved. Powered by vBulletin, Copyright © 2000 - 2008, Jelsoft Enterprises Ltd. Search Engine Optimization by vBSEO 3.1.0 |  |
