DSL help plz.
Devin Carraway
aqua at atlantic.devin.com
Mon Dec 27 22:39:24 PST 1999
On Mon, Dec 27, 1999 at 10:04:52PM -0800, Sebastian Mindling wrote:
> On Mon, 27 Dec 1999 21:46:34 -0800, David Johnson <dgj-dave at pacbell.net> spoke gently:
> > Hello, this is my first post and hopefully this is the right forum
> > to ask this indepth question.
> > Here Is what I want to do:
> > 1) I have a small (10baset) windows98 network (2 computers)
> > 2) I have a linux box I would like to setup as a router/gateway between
> > the LAN and my DSL connection.
[...]
> http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html
It's reasonably good documentation. The basic procedure, if you'd
find a summary useful, is thus:
1. Assign the win98 machines to IPs in a private IP range, typically either
somewhere in 10.0.0.0 or 192.168.0.0 (the latter is more strictly correct, I
believe), and the Linux machine to the IP dictated by your DSL setup.
2. Get the Linux box talking through the DSL route; mostly this means
setting its IP and gateway, plus DNS.
3. Tell the win98 machines to use the Linux box's IP as their gateway; leave
their DNS pointed at your ISPs nameservers.
4. Activate the Linux box's masquerading -- you'll need a kernel compiled
with IP masquerading for this (most stock kernels are):
# 20m TCP session timeout, 10sec TCP FIN timeout, 1m UDP FIN timeout
ipchains -M -S 7200 10 60
# only permit masquerading from authorized hosts
ipchains -P forward DENY
# activate packet forwarding if it wasn't already
echo 1 >/proc/sys/net/ipv4/ip_forward
# Add the 192.168.* masquerade block to the forward list
ipchains -A forward -s 192.168.0.0/16 -j MASQ
# Fixes a few of the more picky services; see /lib/modules/*/ipv4/ip_masq*
# for the rest; most services (e.g. web, mail, etc) work without help.
modprobe ip_masq_ftp
modprobe ip_masq_irc
... also, since your Linux box is going to be exposed to the world
as a stationary target, be sure to give it a once-over securitywise; don't
run any services you're not using, set your hosts_access files properly,
update your package errata, that kind of thing. Skipping this step can
bring you untold sufferring later on.
> > 3) I would like to eventually host my own sites using the linux box/as
> > well as share the connection to the LAN.
Assuming you mean running a webserver, the place to start with that
is to install your webserver of choice (Apache being the usual one), peruse
its documentation (http://www.apache.org/docs/ and similar) and experiment
till you get the hang of things. If you like documentation in book form,
O'Reilly's Apache book is good for relative beginners.
--
Devin \ aqua(at)devin.com, finger for PGP; http://www.devin.com
Carraway \ IRC: Requiem GCS/CC/L s-:--- !a !tv C++++$ ULB+++$ O+@ P L+++
More information about the talk
mailing list