Thread ID: 70014 2006-06-19 10:12:00 Linux Mepis, setting machine up as a NAT personthingy (1670) Press F1
Post ID Timestamp Content User
464517 2006-06-20 00:51:00
> Are you trying to do what Smoothwall Linux can do?
I haven't used Smoothwall, so I can only guess, and say you tell me :D At the moment the last thing I need is more options, so I'll stick to getting this going, if it will.

_______________________________________________

OK, I logged in graphically as root, that got Firestarter going, but there were errors with eth1....

I'll get back to this soon, but have urgent work now...

back later :D
personthingy (1670)
464518 2006-06-20 02:11:00 Do you have an old doorstop with a couple of network cards lying around? You could use it as a dedicated router / firewall - and that way your PC wouldn't have to be permanently switched on. I use m0n0wall (m0n0.ch) for this, but smoothwall and IPCop are also good choices, although they will need a gruntier machine than m0n0wall will. IMO m0n0wall is better (and it's definitely smaller), but there are also those who prefer one of the other options. Erayd (23)
464519 2006-06-20 05:32:00 root@1[~]# firestarter
Firewall started
Failed to start DHCP server
I suppose this means I have issues with the DHCP server?

I just went to Synaptic package manager, and ran a search for dhcpd, whereupon it found several options, none of which are currently in my system.

dhcp is on its way..

It also installed a somewhat different dhcpd.conf file:

#
# Sample configuration file for ISC dhcpd for Debian
#
# $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $
#

# option definitions common to all supported networks...
option domain-name "fugue.com";
option domain-name-servers toccata.fugue.com;

option subnet-mask 255.255.255.224;
default-lease-time 600;
max-lease-time 7200;

#subnet 204.254.239.0 netmask 255.255.255.224 {
# range 204.254.239.10 204.254.239.20;
# option broadcast-address 204.254.239.31;
# option routers prelude.fugue.com;
#}

# The other subnet that shares this physical network
#subnet 204.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 204.254.239.10 204.254.239.20;
# option broadcast-address 204.254.239.31;
# option routers snarg.fugue.com;
#}

#subnet 192.5.5.0 netmask 255.255.255.224 {
# range 192.5.5.26 192.5.5.30;
# option name-servers bb.home.vix.com, gw.home.vix.com;
# option domain-name "vix.com";
# option routers 192.5.5.1;
# option subnet-mask 255.255.255.224;
# option broadcast-address 192.5.5.31;
# default-lease-time 600;
# max-lease-time 7200;
#}

# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.fugue.com";
#}

# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.fugue.com;
#}

# If a DHCP or BOOTP client is mobile and might be connected to a variety
# of networks, more than one fixed address for that host can be specified.
# Hosts can have fixed addresses on some networks, but receive dynamically
# allocated address on other subnets; in order to support this, a host
# declaration for that client must be given which does not have a fixed
# address. If a client should get different parameters depending on
# what subnet it boots on, host declarations for each such network should
# be given. Finally, if a domain name is given for a host's fixed address
# and that domain name evaluates to more than one address, the address
# corresponding to the network to which the client is attached, if any,
# will be assigned.
#host confusia {
# hardware ethernet 02:03:04:05:06:07;
# fixed-address confusia-1.fugue.com, confusia-2.fugue.com;
# filename "vmunix.confusia";
# server-name "toccata.fugue.com";
#}

#host confusia {
# hardware ethernet 02:03:04:05:06:07;
# fixed-address confusia-3.fugue.com;
# filename "vmunix.confusia";
# server-name "snarg.fugue.com";
#}

#host confusia {
# hardware ethernet 02:03:04:05:06:07;
# filename "vmunix.confusia";
# server-name "bb.home.vix.com";
#}
personthingy (1670)
464520 2006-06-20 07:25:00 I run Smoothwall on a P200 with 64MB and it runs fine (even has some spare memory available) and a 1.2GB hard drive. You can run a proxy server too. dolby digital (5073)
464521 2006-06-20 08:47:00
> I run Smoothwall on a P200 with 64MB and it runs fine (even has some spare memory available) and a 1.2GB hard drive. You can run a proxy server too.
Setting up a third machine is NOT an option here. I'm quite happy to leave Debs on, and all the doorstops here are too old to support HDDs of any size that is worth using, and as the next step is file sharing, I'm going to have to leave Debs on anyway.

All the errors here point to dhcpd not starting, so I'm going to install the "dhcp3-server" package seeing Mepis didn't come with DHCPD of any description, and the dhcp package didn't do it for us. :(
personthingy (1670)
464522 2006-06-20 09:37:00 I just want to be clear about the two different options I have given:
1. Set up a command shell firewall script like the one given at rocky.molphys.leidenuniv.nl. Set up a dhcpd.conf file and start the dhcpd service.

2. Install a GUI firewall (such as http://www.fs-security.com/). This tool has a DHCP server as part of it - no configuration needed as far as I know except tick the box.

>and eth1 running as the DHCP server as well?

Also to clarify - an ethernet card doesn't run as a server - a PC or device is the server and the NIC is either allocated a static address or a dynamic address from the server. Gateways need a static address so they never change.
johnd (85)
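Pulling johnd's two steps (firewall script, then dhcpd.conf and the dhcpd service) into one script, as an added example that is not code from the thread, from Firestarter or from the Leiden script. It assumes the layout personthingy describes: eth0 is the WAN side, eth1 is the LAN side at 192.168.0.1/24 handing out 192.168.0.100-200, Debian's dhcp3-server file locations (/etc/dhcp3/dhcpd.conf and /etc/default/dhcp3-server), and a resolver on the gateway itself for the LAN's DNS; every one of those is an assumption to be changed to match the box.

```shell
#!/bin/sh
# Added example: two-NIC NAT gateway on a Debian-based box (Mepis).
# Assumptions (not from the thread): eth0 = WAN, eth1 = LAN at 192.168.0.1/24,
# a 192.168.0.100-200 lease pool, dhcp3-server's Debian paths, and a resolver
# on the gateway itself. Override any of them through the environment.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
LAN_GW="${LAN_GW:-192.168.0.1}"
LAN_NET="${LAN_NET:-192.168.0.0/24}"
LAN_DNS="${LAN_DNS:-$LAN_GW}"

# Emit the firewall in iptables-restore format. Nothing is applied here,
# so the ruleset can be read before it is loaded.
gen_nat_ruleset() {
    wan="$1" lan="$2" lannet="$3"
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# LAN traffic leaves under the WAN address
-A POSTROUTING -s $lannet -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# anti-spoofing: a LAN source address never legitimately arrives on the WAN NIC
-A INPUT -i $wan -s $lannet -j DROP
-A FORWARD -i $wan -s $lannet -j DROP
# DHCP DISCOVER is sent from 0.0.0.0, so admit it by interface, not by source
-A INPUT -i $lan -p udp --dport 67 -j ACCEPT
-A INPUT -i $lan -s $lannet -j ACCEPT
# only LAN-originated flows (and their replies) are forwarded
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -s $lannet -o $wan -j ACCEPT
COMMIT
EOF
}

# Minimal dhcpd.conf for the LAN segment. 'authoritative' lets the server
# NAK leases a client still holds from some earlier gateway on this wire.
gen_dhcpd_conf() {
    gw="$1" dns="$2"
    cat <<EOF
authoritative;
default-lease-time 600;
max-lease-time 7200;
option domain-name-servers $dns;
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.200;
    option routers $gw;
    option broadcast-address 192.168.0.255;
}
EOF
}

# Load it all. Needs root. The INTERFACES line binds dhcp3-server to the
# LAN NIC only, so the gateway never hands out leases towards the ISP.
apply_gateway() {
    sysctl -w net.ipv4.ip_forward=1 >/dev/null
    gen_nat_ruleset "$WAN_IF" "$LAN_IF" "$LAN_NET" | iptables-restore
    gen_dhcpd_conf "$LAN_GW" "$LAN_DNS" > /etc/dhcp3/dhcpd.conf
    printf 'INTERFACES="%s"\n' "$LAN_IF" > /etc/default/dhcp3-server
    /etc/init.d/dhcp3-server restart
}

case "${1:-}" in
    show)  gen_nat_ruleset "$WAN_IF" "$LAN_IF" "$LAN_NET"
           gen_dhcpd_conf "$LAN_GW" "$LAN_DNS" ;;
    apply) apply_gateway ;;
esac
```

Run it as `sh gateway.sh show` to read what would be loaded and `sh gateway.sh apply` as root to load it. The points that go beyond "tick the box" in a GUI: FORWARD defaults to DROP so only flows started from the LAN are masqueraded; anything arriving on the WAN card with a LAN source address is dropped; DHCP requests are admitted by interface rather than by source address, because a DISCOVER comes from 0.0.0.0; and dhcp3-server is bound to eth1 only, so the box never answers DHCP on the ISP side.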
464523 2006-06-21 07:56:00 Ok..... I could be a bit confused, but my understanding is that I allocate 203.97.119.70 to eth0, and somehow allow eth1 to pass the internet through to other machines. To do this I was of the understanding that I had to give it an IP address, probably 192.168.0.1, and a DHCP server within my machine would have a chat to anything downwind of eth1, and give it an address for the LAN.

The latter part seems to be where the whole thing is failing.

Mepis OS centre, the not so great tool that allocates addresses, and controls network interfaces tells me that eth1 "won't start", and when I installed Firestarter, the app that I understood would sort all this out for me, it complained about "not being able to start the DHCP server", even though I have now installed dhcp3-server. Prior to that there was no dhcpd server at all.

I'm monitoring eth0 and eth1 with Ksysguard, and when I swapped the cables round, it reported activity on eth1 as well, which to me implies that eth1 is not entirely dead, but just failing to do what I want it to.

To further confuse things, power dropped this afternoon, and when it was reset and I restarted Debs, eth0 and eth1 had swapped cards.

I'm thinking that the idea of running a firewall/fileserver on another machine might be a good idea, but to hell with it, I really want to get it happening on this machine as this machine is already on most of the day anyway.
personthingy (1670)
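On the eth0/eth1 swap after the power cut: a firewall script that trusts "eth1" by name trusts whichever card got that name at boot, so after a swap the trusted side is on the ISP's cable and the rules load without complaint. One way to pin the names to the cards' hardware addresses and to refuse to load rules when they do not match, as an added example that is not from the thread or from any of the tools in it. The MAC addresses are made-up placeholders to be replaced with the real ones from `ifconfig -a` or `ip link`, and the udev match is written in the ATTR{address} form (older udev releases spell it SYSFS{address}); both are assumptions.

```shell
#!/bin/sh
# Added example: pin NIC names to hardware addresses and verify them before
# trusting "eth1" as the inside. The MACs are made-up placeholders; read the
# real ones from 'ip link' / 'ifconfig -a' (assumptions, not from the thread).
WAN_MAC="${WAN_MAC:-00:11:22:33:44:55}"
LAN_MAC="${LAN_MAC:-66:77:88:99:aa:bb}"

# Lower-case a MAC so comparisons do not depend on how a tool printed it.
norm_mac() {
    printf '%s' "$1" | tr 'A-F' 'a-f' | tr -d ' '
}

# udev rule file pinning each card to a fixed name (older udev spells the
# match SYSFS{address}; ATTR{address} is the later form).
gen_udev_rules() {
    wanmac=$(norm_mac "$1") lanmac=$(norm_mac "$2")
    cat <<EOF
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$wanmac", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$lanmac", NAME="eth1"
EOF
}

# 0 if the interface currently carries the expected MAC, 1 otherwise
# (including when the interface does not exist at all).
iface_mac_matches() {
    ifname="$1" expected=$(norm_mac "$2")
    [ -r "/sys/class/net/$ifname/address" ] || return 1
    actual=$(norm_mac "$(cat "/sys/class/net/$ifname/address")")
    [ "$actual" = "$expected" ]
}

# Run this before loading NAT rules: a line like "-i eth1 -j ACCEPT" trusts
# whichever card got that name at boot, so refuse if the sides have moved.
check_sides() {
    iface_mac_matches eth0 "$WAN_MAC" || { echo "eth0 is not the WAN card; not loading rules" >&2; return 1; }
    iface_mac_matches eth1 "$LAN_MAC" || { echo "eth1 is not the LAN card; not loading rules" >&2; return 1; }
    return 0
}

case "${1:-}" in
    rules) gen_udev_rules "$WAN_MAC" "$LAN_MAC" ;;
    check) check_sides ;;
esac
```

Save the output of `sh pin-nics.sh rules` under /etc/udev/rules.d (the file name udev expects, for example 70-persistent-net.rules, varies by release) and reboot; then call `sh pin-nics.sh check` at the top of the firewall script and bail out if it fails, so a swap stops the gateway rather than silently inverting it.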
464524 2006-06-21 10:36:00 It appears from www.fs-security.com that Firestarter must have dhcpd (not another dhcp server).

However you don't have to use DHCP - especially on such a small network why not just manually assign TCP/IP numbers?

I'm not sure what is going on with your NICs - are you sure that the drivers are 100% OK? Have you got any other NICs to try. I have found with Linux the DSE cards with the RTL8139 chips at about $15 are great.
johnd (85)
464525 2006-06-21 11:16:00
> It appears from www.fs-security.com that Firestarter must have dhcpd (not another dhcp server).
>
> However you don't have to use DHCP - especially on such a small network why not just manually assign TCP/IP numbers?
Sounds like I'm best off removing the dhcpd3 thingy altogether, and using a static IP.

> I'm not sure what is going on with your NICs - are you sure that the drivers are 100% OK? Have you got any other NICs to try. I have found with Linux the DSE cards with the RTL8139 chips at about $15 are great.
I'm not sure either. One's the onboard device, that's the one that as of this afternoon's power issue decided to be eth0, the other...
Well a picture is worth more than my error-prone typing out of Kinfocenter
www.millerton.co.nz in all honesty this doesn't mean a lot to me, but if there is some way to make the system make up its mind which is what, I'll be a lot more confident about getting this happening. My previous machine which was saved from a skip, and is going back to one, did the same thing, so maybe it's a Mepis bug?
personthingy (1670)
464526 2006-06-21 11:29:00 Shouldn't have to remove dhcpd3 - it shouldn't do any harm.

The screen shot is just of the interrupts used so can't tell too much from that.

I have struck NICs before that all appears right but will not transmit - could be the case here??
johnd (85)