Iptables in slackware

alpha_hack · 10-15-2007, 07:07 PM

Hi there,

I'm facing a problem with iptables. I'm new in network configuration in linux and I want to set up two networks. I have a LAN at home and at School and I want to be able to change my networks when I'm at school/home. I'm told that it can be done with iptables but I'm not quite sure if it's possible ?

Particularly I want to do something like this:

Code:

eth0      Link encap:Ethernet  HWaddr 00:03:0D:0D:4D:32  
          inet addr:192.168.1.123  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr:*** Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:86527 errors:0 dropped:0 overruns:0 frame:0
          TX packets:90433 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:65037673 (62.0 MiB)  TX bytes:34605949 (33.0 MiB)
          Interrupt:17 

eth1      Link encap:Ethernet  HWaddr 00:03:0D:0D:4D:32  
          inet addr:192.168.0.123  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr:*** Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:86527 errors:0 dropped:0 overruns:0 frame:0
          TX packets:90433 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:65037673 (62.0 MiB)  TX bytes:34605949 (33.0 MiB)
          Interrupt:17 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3919 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3919 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1845955 (1.7 MiB)  TX bytes:1845955 (1.7 MiB)

I hope you understood me..
If somebody could give me some information about how it can be done and what am I supposed to know to do it. I want to do some reading ( I don't expect someone just tell me the commands

)

P.S. I'm sorry for the wrong forum category... Could someone please move my topic to Networking ? Thanks in advance!

Best wishes,
tftd

aherrys · 10-15-2007, 09:29 PM

Actually I am not sure what you are actually trying to do.

Iptables is used mainly for security reason, or if you want to build a router/firewall out of a linux machine. It can be configured with a specific rule, to drop, alter or pass the properties (like IP address, port etc.) of certain IP Packets based on certain criteria from or out of your machine.

And these are done mainly for security reason, for example like NAT (Network Address Translation) feature in a firewall.

If you want to change your machine IP address based on the location where you at, then may be iptables is not what you are looking for. I would think that you probably should be looking into dhcp or someway to manipulate your rc.inet1 while it is booting up.

Anyway here is some links that I found good on iptables:

http://www.linuxguruz.com/iptables/howto/ - A MUST read

http://www.justlinux.com/nhf/Securit...es_Basics.html

davimint · 10-15-2007, 10:47 PM

alpha hack
I'm trying to learn networking so when I looked at your example on eth1 I'm confused
as to it's output. You have a masked the last 8 bits of a number but it shows a broadcast of 192.168.1.255 and IP address of 192.168.0.123 so it would not be on the same network as I understand it.
Like I stated "I'm learning" so maybe I don't understand what your asking.

alpha_hack · 10-16-2007, 02:07 AM

Hi there,

I'm actually tying to make 2 different networks and switch them.
Like on windows, you can create different networks, enable and disable them.

I am sure it's possible on linux but don't know how and what I'm exactly looking for... So sorry if I am asking stupid questions :P

Best wishes,
tftd

Alien_Hominid · 10-16-2007, 02:19 AM

If you get your network address using DHCP protocol, then just rerun rc.inet1 each time. You can find it in /etc/rc.d

alpha_hack · 10-16-2007, 02:55 AM

Quote:

Originally Posted by Alien_Hominid

If you get your network address using DHCP protocol, then just rerun rc.inet1 each time. You can find it in /etc/rc.d

I've saw that. Fortunately my school has DHCP. So, I'm currently online, but I was wondering if it's possible to have another network which I could "ifconfig ethX up" when I need it?

Alien_Hominid · 10-16-2007, 03:35 AM

So you need to write a script which swaps rc.inet1.conf

alpha_hack · 10-16-2007, 03:48 AM

Quote:

Originally Posted by Alien_Hominid

So you need to write a script which swaps rc.inet1.conf

Ok then, what documentation will I need to read to do that ?

Alien_Hominid · 10-16-2007, 06:50 AM

Open rc.inet1.conf and all settings are explained there.

Basically, you need the scripts which do something similar to:

Code:

mv /etc/rc.d/rc.inet1.conf /etc/rc.d/rc.inet1.conf.school
exec /etc/rc.d/rc.inet1

and

Code:

mv /etc/rc.d/rc.inet1.conf /etc/rc.d/rc.inet1.home
exec /etc/rc.d/rc.inet1

rworkman · 10-16-2007, 09:19 AM

Personally, I'd just serve dhcp in my home network too and be done with it. Problem solved.

Alternatively, you could create a short script to use ifconfig(8) and route(8) to manually configure your network. See /etc/rc.d/rc.inet1 for examples of how to use those two commands.

alpha_hack · 10-17-2007, 04:40 PM

Ok,

Thanks a lot for the valuable information you gave me !

Best wishes,
tftd

reikyv · 10-18-2007, 03:30 AM

Hi, I do have the same problem before. But I was using RHEL that time, and I need to travel to different places, e.g. home, office, client side. And I feel tired to edit the network configuration file everytime. So I wrote my own shellscript to help me do this job. And then everytime when I am at a different place I just select the proper option from there.

Anyway, you don't need to be a experienced shellscript guru to do that, if you have time, go to this site:
http://www.linuxcommand.org/writing_shell_scripts.php