| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 70014 | 2006-06-19 10:12:00 | Linux Mepis, setting machine up as a NAT | personthingy (1670) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 464507 | 2006-06-19 10:12:00 | I've just about gone mad trying to get the answer for this out of goggle..... I have a Mepis machine, it hangs of my cable modem, and i'd like it to put eth1 to use as a DHCP server and gateway for the rest of the house. Hints and clues appreciated :D |
personthingy (1670) | ||
| 464508 | 2006-06-19 10:32:00 | The GUI firewall called Firestarter does this with a tick in a box: http://www.fs-security.com/ |
johnd (85) | ||
| 464509 | 2006-06-19 10:43:00 | The actual lines you need in a firewall if you want to do this manually are: modprobe iptable_nat iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward If you have a dynamic address on the external interface then you also need: echo 1 > /proc/sys/net/ipv4/ip_dynaddr These would be lines in a much fuller firewall (essential!!) such as: http://rocky.molphys.leidenuniv.nl/ |
johnd (85) | ||
| 464510 | 2006-06-19 10:47:00 | John, what file would i be editing if i did it manually? If it makes any difference, i have static IP for the internet I'm downloading installing firestarter anyway, so it looks like in half an hour i've gone from zero to having options..... :D nice, and thanks! |
personthingy (1670) | ||
| 464511 | 2006-06-19 10:49:00 | For DHCP you need a /etc/dhcpd.conf file then make sure the service is started. Your system should have a sample file - let me know if you have problems and I will post a sample. | johnd (85) | ||
| 464512 | 2006-06-19 10:56:00 | John, what file would i be editing if i did it manually? If it makes an You can write your own script and start it with a reference in /etc/rc.local. But you really need a fully featured firewall like the two options I have given you (one GUI and the other command shell). |
johnd (85) | ||
| 464513 | 2006-06-19 11:04:00 | personthingy@3[~]$ firestarter personthingy@3[~]$ su - Password: root@3[~]# firestarter (firestarter:13831): Gtk-WARNING **: cannot open display: root@3[~]#Looks like this might take a little longer than i would like, and no, my system doesn't have a /etc/dhcpd.conf file either, so a sample would be good. Between the token obsticles and the fact that i've been in front of this screen all day, and am starting to see double. I'll be onto this one in the morning, when things seem easy again.. Thanks again. |
personthingy (1670) | ||
| 464514 | 2006-06-19 11:26:00 | 1. Have you got your GUI going? 2. Sample of dhcpd.conf below: ddns-update-style interim; ignore client-updates; subnet 192.168.0.0 netmask 255.255.255.0 { # --- default gateway option routers 192.168.0.1; option subnet-mask 255.255.255.0; # option nis-domain "domain.org"; # option domain-name "domain.org"; # option domain-name-servers 192.168.1.1; option time-offset -18000; # Eastern Standard Time # option ntp-servers 192.168.1.1; # option netbios-name-servers 192.168.1.1; # --- Selects point-to-point node (default is hybrid). Don't change this unless # -- you understand Netbios very well # option netbios-node-type 2; # range dynamic-bootp 192.168.0.128 192.168.0.254; range 192.168.0.10 192.168.0.40; default-lease-time 21600; max-lease-time 43200; # we want the nameserver to appear at a fixed address # host ns { # next-server marvin.redhat.com; # hardware ethernet 12:34:56:78:AB:CD; # fixed-address 207.175.42.254; # } } |
johnd (85) | ||
| 464515 | 2006-06-19 23:39:00 | 1. Have you got your GUI going? Yes...... If you mean am i running KDE, i am, KDE3.4 i thinks. The current set up sees either my machine (debs) plugged directly to the cable-modem, or the cable leading to my sons sleepout plugged into the cable-modem. All of the machines are set up as client machines, with bells, whistles, and no server functions anywhere,,, yet. What i want to do is provide a feed for the other machines, being the sleepout and a couple waiting for me to get a round tuit. 2. Sample of dhcpd.conf below: ddns-update-style interim; ignore client-updates; subnet 19 2. 168.0.0 netmask 255.255.255.0 { # --- default gateway option routers 19 2. 168.0.1; option subnet-mask 255.255.255.0; # option nis-domain "domain.org"; # option domain-name "domain.org"; # option domain-name-servers 19 2. 168. 1. 1; option time-offset -18000; # Eastern Standard Time # option ntp-servers 19 2. 168. 1. 1; # option netbios-name-servers 19 2. 168. 1. 1; # --- Selects point-to-point node (default is hybrid). Don't change this unless # -- you understand Netbios very well # option netbios-node-type 2; # range dynamic-bootp 19 2. 168.0.128 19 2. 168.0.254; range 19 2. 168.0.10 19 2. 168.0.40; default-lease-time 21600; max-lease-time 43200; # we want the nameserver to appear at a fixed address # host ns { # next-server marvin.redhat.com; # hardware ethernet 12:34:56:78:AB:CD; # fixed-address 207.175.4 2. 254; # } }I'm just moving the dhcpd.conf file into position now. I've got a little confusion here, because i have been given too many options :p If i put the dhcpd.conf file into place, and run firestarter, will that combination be enough to get a safe NAT set up with eth0 connecting to the internet at my fixed IP, and eth1 passing it through to my sons machine, and any others that we connect over time, and eth1 running as the DHCP server as well? |
personthingy (1670) | ||
| 464516 | 2006-06-19 23:58:00 | Are you trying to do what Smoothwall Linux can do? | Prescott (11) | ||
| 1 2 3 | |||||