Linux gateway on a LAN and the rest of the boxes are XP
Hi there, I have Mandrake 10.0 installed on my computer, and I'd like to turn it into the gateway of the LAN at home. The rest of the computers are 3 that are running XP and 1 that is running Win98SE...
Basically, you need to have IP forwarding enabled and iptables installed on your Mandrake 10. For a beginner, I would recommend Firestarter; it's easy to set up. Other Linux firewalls are Shorewall, gShield, etc. If you want to build your own custom iptables script, then you should refer to the iptables/netfilter website for the docs (www.netfilter.org). Cheers!
Have a look here, www.fli4l.de: the one-disk router, easy to configure, even for newbies. It runs on a 486 with 16 MB RAM, has hundreds of opt_packets available, and is very modular, so you can do what you want with it.
It boots from floppy, CD, hard drive, or USB stick. Alternatively, seeing as you can afford more than one computer, and assuming they are all yours, you are not the poorest of souls, so just buy a hardware router.
Let me see if I get this right: the only way is to have 2 NICs?
I can't believe it. I can do the very same thing with only one NIC on Win XP, so there must be a way to do it with one NIC on Linux...
I don't know if this is relevant, but my connection is ADSL, and the modem is plugged into the switch, and I reach the modem through the switch...
What exactly do you do with one NIC in WinXP? Internet Connection Sharing? How do you enable that with only one network connection?
Are you sure that that "switch" is not a router? What is the output of ipconfig /all in Windows XP when you have this setup where you can use WinXP as a gateway and it only has one NIC?
Your modem could already have built-in internet sharing/NAT, but definitely without a firewall.
I have tried this once in Slackware 10. Here is my script:
```bash
#!/bin/bash
#
# My Linux Box Simple Internet Sharing Script
#
# file: /etc/rc.d/rc.nat
#
#----------------------------------------------------------------------
# Don't forget to make this file executable by doing
#   chmod 755 /etc/rc.d/rc.nat
#
# Then in your /etc/rc.d/rc.local script add this after the last line:
#   . /etc/rc.d/rc.nat
#
# You may put a header comment to identify this.
#-----------------------------------------------------------------------
#
# eth0 = internal interface - (localnet) - This depends on your setup.
# eth1 = external interface - (DSL connected)
#
IPTABLES="/usr/sbin/iptables"
EXTIF="eth1" # To where my DSL is connected.
INTIF="eth0" # Connected to my local network.
#
echo ""
echo "Loading my INTERNET SHARER & rc.firewall ruleset....."
echo "My Box Internal Interface = $INTIF"
echo "My Box External Interface = $EXTIF"
echo "Clearing existing rules and setting default policy..."
# INPUT and OUTPUT stay wide open; only FORWARD is default-deny.
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
sleep 1
echo "FWD: Allow all connections OUT and ONLY existing and related ones IN..."
$IPTABLES -A FORWARD -i "$EXTIF" -o "$INTIF" -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i "$INTIF" -o "$EXTIF" -j ACCEPT
# Anything that reaches this point is logged, then dropped by the FORWARD policy.
$IPTABLES -A FORWARD -j LOG
sleep 1
echo "Enabling IP NAT (MASQUERADING)...."
$IPTABLES -t nat -A POSTROUTING -o "$EXTIF" -j MASQUERADE
sleep 1
echo "Enabling IP FORWARDING...."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "Checking if IP FORWARDING is enabled = '$(cat /proc/sys/net/ipv4/ip_forward)'"
#
if [ "$(cat /proc/sys/net/ipv4/ip_forward)" = 1 ]; then
    echo "It's enabled!..."
else
    echo "IP forwarding is not enabled. Enable it now by typing 'echo 1 > /proc/sys/net/ipv4/ip_forward'"
    echo "at the command line."
fi
#
echo ""
#
# End of my personal /etc/rc.d/rc.nat.
```
Just adjust the path since Slackware is a BSD-style Linux.
This will be started each time you start up your box.
This is not yet secured since the INPUT default policy is to accept. Search for a howto on how to make this secure by creating a default drop policy. I have tried one howto but it didn't work. And if you really want a highly secured firewall I would recommend OpenBSD instead - the one I'm using.
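The default-drop INPUT policy that the last post leaves open, as an added example that is not part of the thread: it emits the same forwarding and masquerading rules in iptables-restore format with INPUT set to DROP, and audits an iptables-save dump for the weak policy. The function names, the interface names and the LAN-only SSH rule are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Interface names and the LAN-only SSH
# rule are assumptions; adjust them to your setup.

# Emit the rc.nat rules with INPUT default DROP, in iptables-restore format.
gen_ruleset() {  # usage: gen_ruleset EXTIF INTIF
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $2 -p tcp --dport 22 -j ACCEPT
-A FORWARD -i $1 -o $2 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $2 -o $1 -j ACCEPT
-A FORWARD -j LOG
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $1 -j MASQUERADE
COMMIT
EOF
}

# Read iptables-save output on stdin; print findings, return 1 if any.
audit_ruleset() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "filter" && $1 == ":INPUT"   { inp = $2 }
        table == "filter" && $1 == ":FORWARD" { fwd = $2 }
        table == "filter" && /^-A INPUT / && /ESTABLISHED/ { stateful = 1 }
        END {
            if (inp != "DROP") { print "INPUT policy is " inp ", expected DROP"; bad = 1 }
            if (fwd != "DROP") { print "FORWARD policy is " fwd ", expected DROP"; bad = 1 }
            if (inp == "DROP" && !stateful) { print "INPUT drops replies: no ESTABLISHED,RELATED rule"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample: the filter table as the posted rc.nat leaves it.
posted_ruleset() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A FORWARD -i eth0 -o eth1 -j ACCEPT' 'COMMIT'
}

gen_ruleset eth1 eth0 | audit_ruleset && echo "hardened ruleset: OK"
posted_ruleset | audit_ruleset || echo "posted ruleset: needs hardening"
```

To load the generated rules in one atomic step, pipe `gen_ruleset eth1 eth0` into `iptables-restore` as root; the live table can be checked with `iptables-save | audit_ruleset`.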