07-13-2003, 01:19 PM
|
#1
|
|
LQ Newbie
Registered: Jul 2003
Distribution: Mandrake 9.1
Posts: 15
Rep:
|
Trying to get away from Micro$oft
Ok I have been doing the M$ thing for too long. I used to do UNIX support, but have forgotten a lot.
I'm trying to configure my Linux box to share its internet connection (eth0) with two separate ethernet cards (eth1, eth2).
I do not have a budget(so says the wife) to buy a router, or hub(at current), and had a fully functioning network using Windows XP to connect, and the same hardware configuration(really brainless ease of setting up a network "Bridge"). I'm hoping I can set up the network to use Linux(Mandrake 9.1) instead of the XP box. My question is how?
3 computers
- 1 Mandrake Linux Box
- 1 XP home
- 1 XP Pro
Mandy box has 3 NIC's(used to be XP)
Each XP has one,
The two XP boxes are connected to the Mandy box via crossover cables.
The Mandy box connects to the Internet.
I can get one XP box on at a time(internet connection sharing through DrakGw)
Any help would be appreciated
Tommy cat

|
|
|
|
07-13-2003, 01:58 PM
|
#2
|
|
Member
Registered: Nov 2002
Distribution: Slackware 9.0
Posts: 321
Rep:
|
What you're looking for is Network Address Translation (NAT), aka packet forwarding.
There's a utility called Firestarter that will configure it for you if you're in a hurry, or you can write the ruleset yourself using iptables.
|
|
|
|
07-13-2003, 02:49 PM
|
#3
|
|
LQ Newbie
Registered: Jul 2003
Distribution: Mandrake 9.1
Posts: 15
Original Poster
Rep:
|
Thanks, that is a nice easy configuration tool, but it still only lets me share my internet connection to 1 NIC
I could share to both in XP, and was wondering how to do it in Linux(Mandrake)
|
|
|
|
07-13-2003, 02:59 PM
|
#4
|
|
Member
Registered: Nov 2002
Distribution: Slackware 9.0
Posts: 321
Rep:
|
Hm, it's quite possible, but I'm afraid you'll have to get your hands dirty with iptables. I have to run off to work right now, but I'll see if I can think up a ruleset that might work while I'm flipping burgers.
If you can't wait, google : ).
|
|
|
|
07-13-2003, 05:02 PM
|
#5
|
|
Member
Registered: Mar 2003
Distribution: Slackware
Posts: 234
Rep:
|
|
|
|
|
07-13-2003, 08:09 PM
|
#6
|
|
Member
Registered: Nov 2002
Distribution: Slackware 9.0
Posts: 321
Rep:
|
Definitely read those howtos, but I'm pretty sure something like this will give you what you need (one entry for each ethx, will assume eth0 goes to your ISP)
bash# /sbin/iptables -A FORWARD -i eth0 -o ethx -m state --state ESTABLISHED,RELATED -j ACCEPT
bash# /sbin/iptables -A FORWARD -i ethx -o eth0 -j ACCEPT
bash# /sbin/iptables -A FORWARD -j LOG
bash# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
You might want to add in a forwarding rule for your ISP's nameservers, although I'm pretty sure it won't be necessary.
~Andrew
|
|
|
|
07-13-2003, 08:14 PM
|
#7
|
|
Member
Registered: Nov 2002
Distribution: Slackware 9.0
Posts: 321
Rep:
|
Oh yeah, maybe think about blocking UDP requests.
I'm not sure, but I don't think anything but Barney Rubble comes from UDP
|
|
|
|
07-13-2003, 08:26 PM
|
#8
|
|
Member
Registered: Mar 2003
Distribution: Slackware
Posts: 234
Rep:
|
DNS uses UDP, Some games use UDP, some messaging services use UDP, ... Long story short, UDP is used. Blocking UDP is a bad idea, but that first post was gold.
BTW, has advertising to get people's old gear worked for you, andrew? If so, maybe I should try it. I'm running a 486 w/ 36MB (Yes, 36) of RAM (slackware 8.1) as my DSL router.
|
|
|
|
07-13-2003, 10:18 PM
|
#9
|
|
Member
Registered: Nov 2002
Distribution: Slackware 9.0
Posts: 321
Rep:
|
BlindSight: well, win some/lose some.
So far my advertising hasn't turned up much, I think most linux users are pretty keen on holding onto old parts.
However, I recently gank a Toshiba laptop from a local University with under 8 (that's right, 8!!!) mb of RAM. NetBSD from about two years ago suited it well : ).
~Andrew
|
|
|
|
07-14-2003, 06:47 PM
|
#10
|
|
LQ Newbie
Registered: Jul 2003
Distribution: Mandrake 9.1
Posts: 15
Original Poster
Rep:
|
Big Thanks for all the help.
Too bad I have to wait til the weekend to try it out. School and work kinda keep me busy through the week.
At any rate I was lucky enough to catch one of my employers getting ready to trash several machines. I liberated a few 333mhz machines from the trash heap (hey they're better than the 8088. Just kidding). They still had RAM in them (64 megs of PC100 RAM each). Some companies upgrade a lot. Some will even pay you to get rid of their old machines. My wife won't let me have anymore (I have 4 shells with older Pentium™s on them). My spare bedroom is beginning to look like a test center. Heck the Mandy box I'm setting up is one of those liberated machines. I gotta start selling some of this stuff.
|
|
|
|
07-19-2003, 01:17 AM
|
#11
|
|
LQ Newbie
Registered: Jul 2003
Distribution: Mandrake 9.1
Posts: 15
Original Poster
Rep:
|
Well I found a nifty script while waiting to test this weekend. This one is great to share the internet connection with multiple NIC's
Quote:
IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmod
INSMOD=/sbin/insmod
EXTIF="eth0"
INTIF="eth1"
INTIF2="eth2"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"
echo " Internal Interface: $INTIF2"
#------------------------------------------------------------------
#Clearing any previous configuration
#
# Unless specified, the defaults for INPUT and OUTPUT is ACCEPT
# The default for FORWARD is DROP (REJECT is not a valid policy)
#------------------------------------------------------------------
echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG
echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
|
Modified version of darchon's firewall script found here
|
|
|
|
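Added example, not part of any post in this thread: a generator for the rule set discussed in posts #6 and #11, generalized from two internal interfaces to any number. The names `gen_nat_rules` and `valid_ifname`, the log prefix and the rate limit are assumptions of this example, and it also emits the `ip_forward` switch, which the quoted script does not show.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables commands only; nothing
# is applied until the reviewed output is piped to `sh` as root.

valid_ifname() {
    # Names end up inside generated shell commands, so allow only plain ones.
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

gen_nat_rules() {
    [ "$#" -ge 2 ] || { echo "usage: gen_nat_rules EXTIF INTIF..." >&2; return 2; }
    extif=$1; shift
    valid_ifname "$extif" || { echo "bad interface: $extif" >&2; return 2; }
    for intif in "$@"; do
        valid_ifname "$intif" && [ "$intif" != "$extif" ] ||
            { echo "bad interface: $intif" >&2; return 2; }
    done
    ipt=/sbin/iptables

    # Routing between interfaces is off unless this is set.
    echo "echo 1 > /proc/sys/net/ipv4/ip_forward"

    # Start from empty chains with forwarding denied by default.
    echo "$ipt -P FORWARD DROP"
    echo "$ipt -F FORWARD"
    echo "$ipt -t nat -F"

    for intif in "$@"; do
        # Inbound: only replies to connections the LAN side opened.
        echo "$ipt -A FORWARD -i $extif -o $intif -m state --state ESTABLISHED,RELATED -j ACCEPT"
        # Outbound: anything from this LAN segment to the internet.
        echo "$ipt -A FORWARD -i $intif -o $extif -j ACCEPT"
    done
    # No rule pairs two internal interfaces, so traffic between LAN segments
    # falls through to the LOG rule and the DROP policy.

    # Rate-limit the log so dropped traffic cannot flood syslog.
    echo "$ipt -A FORWARD -m limit --limit 5/min -j LOG --log-prefix 'FWD-DROP: '"
    echo "$ipt -t nat -A POSTROUTING -o $extif -j MASQUERADE"
}

# The thread's layout: eth0 to the ISP, eth1 and eth2 to the XP boxes.
gen_nat_rules eth0 eth1 eth2
```

These rules cover forwarded traffic only; with INPUT left at ACCEPT as in the quoted script, services running on the gateway itself stay reachable from eth0.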