DSL help plz.

Devin Carraway aqua at atlantic.devin.com
Mon Dec 27 22:39:24 PST 1999

On Mon, Dec 27, 1999 at 10:04:52PM -0800, Sebastian Mindling wrote:
> On Mon, 27 Dec 1999 21:46:34 -0800, David Johnson <dgj-dave at pacbell.net> spoke gently:
> >     Hello, this is my first post and hopefully this is the right forum
> > to ask this indepth question.
> > Here Is what I want to do:
> > 1) I have a small (10baset) windows98 network (2 computers)
> > 2) I have a linux box I would like to setup as a router/gateway between
> > the LAN and my DSL connection.
> http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html

	It's reasonably good documentation.  The basic procedure, if you'd
find a summary useful, is thus:

1. Assign the win98 machines to IPs in a private IP range, typically either
somewhere in or (the latter is more strictly correct, I
believe), and the Linux machine to the IP dictated by your DSL setup.

2. Get the Linux box talking through the DSL route; mostly this means
setting its IP and gateway, plus DNS.

3. Tell the win98 machines to use the Linux box's IP as their gateway; leave
their DNS pointed at your ISPs nameservers.

4. Activate the Linux box's masquerading -- you'll need a kernel compiled
with IP masquerading for this (most stock kernels are):

# 20m TCP session timeout, 10sec TCP FIN timeout, 1m UDP FIN timeout
ipchains -M -S 7200 10 60
# only permit masquerading from authorized hosts
ipchains -P forward DENY
# activate packet forwarding if it wasn't already
echo 1 >/proc/sys/net/ipv4/ip_forward 
# Add the 192.168.* masquerade block to the forward list
ipchains -A forward -s -j MASQ
# Fixes a few of the more picky services; see /lib/modules/*/ipv4/ip_masq*
# for the rest; most services (e.g. web, mail, etc) work without help.
modprobe ip_masq_ftp
modprobe ip_masq_irc

	... also, since your Linux box is going to be exposed to the world
as a stationary target, be sure to give it a once-over securitywise; don't
run any services you're not using, set your hosts_access files properly,
update your package errata, that kind of thing.  Skipping this step can
bring you untold sufferring later on.

> > 3) I would like to eventually host my own sites using the linux box/as
> > well as share the connection to the LAN.

	Assuming you mean running a webserver, the place to start with that
is to install your webserver of choice (Apache being the usual one), peruse
its documentation (http://www.apache.org/docs/ and similar) and experiment
till you get the hang of things.  If you like documentation in book form,
O'Reilly's Apache book is good for relative beginners.

Devin  \ aqua(at)devin.com, finger for PGP;  http://www.devin.com
Carraway \ IRC: Requiem  GCS/CC/L s-:--- !a !tv C++++$ ULB+++$ O+@ P L+++

More information about the talk mailing list