IPMasq in Debian (config & boot)
 

Hi,

We're getting a cable modem installed next Thursday. (We can only afford it because its shared.)

Enter Linux. 8 days ago I typed my first unix command. Since then I've even re-compiled a kernel. Terrifying!

Right then, eth0 is 192.168.1.1 and goes to a hub to which all our computers are connected.

eth1 will go to the cable modem.

dhcpd is running on eth0 to configure the LAN.

eth1 will be configured by dhcp-client.

I've set these up already.

Next is IP Masquerading.

I've been reading the HOWTOs, but they tend to be biassed towards RedHat and are either too simple or too complex.

Here goes.

1)
besides all the ipchains stuff, do I need to add lots of routes (using route), in particular a default route to eth1?

2)
There are lots of really complex lists of ipchains commands suggested. Surely
# ipchains -P input DENY
# ipchains -P output DENY
# ipchains -P forward DENY
# ipchains -A forward -s 192.168.1.1/24 -j MASQ
is all that is needed.

----
ASSIDE: I installed the ipmasq package which is supposed to do everything magically. I don't trust it, and I don't understand what it installed. It was duly removed.
----

3)
Whatever the right commands are, how do you get them to run automatically at boot?
(I've read more ways to do this than I've had hot dinners and I trust none of them!)

4)
In some scripts the IP address of eth1 is used explicitly in the ipchians commands. Would this screw everything up when eth1 gets a different address from the ISP's DHCP server?
My suggestion (above) is immune from this problem, is it not?

Thanks very much.
Richard.