Hello, all.

I used to administer an Ubuntu box for a wiki and several web sites, but I have not even looked at it for well over a year. The rust has accumulated, and a finger pointing in the right direction would be appreciated.

I have a fully functional Ubuntu server box sitting in my basement, and I'd like to know if the following would be possible with it:

1) Use it as a router to distribute an Internet signal to my internal LAN (via a switch, I guess);

2) Have all Internet traffic anonymized for all services so the IP address obtained from my ISP would be masked.

I haven't found any suitable solutions as yet. My bandwidth is restricted, so something like a TOR server would not be suitable (although a TOR implementation of some kind may be). Any help appreciated. Thanks.

ok well 1) is just enabling ip forwarding (echo 1> /proc/sys/net/ipv4/ip_forward) and also probably external masquerading. as for 2)... wassat? your isp gives you an ip for a reason... how do you expect to use the internet with a faked ip address??

Um, so the sites you visit don't have access to your real IP address? Pretty common request, surely you've heard of it before...you know, for anonymity?

no, that's not possible. when you leave a LAN for an internet destination, then the IP must be changed to a publically routable IP in order for the traffic to get back. the IP you use *must* be globally routable back to the internet device it left from. it must be your IP address. maybe you mean something like stripping x-forwarded-for headers from proxy requests?? maybe the clue is in your use of the word "real"?

Let me rephrase, then:

Is it currently possible to set up my Ubuntu server so that:

1) It acts like a standard router distributing an INET signal to my internal LAN devices;

2) ALL requests (of any kind or protocol) are routed through a proxy (or other such anonymizer) so that that destination INET servers see only the address of the requesting proxy, and not the IP address from my ISP.

Thanks.

ok well, what is the address of the proxy? what is the address of the ISP?

Make them up. Do those specifics really matter in the framework of this theoretical conversation?

Are you asking for connecting from your system going out (surfing, etc) or are you talking the connection coming from the internet to you (ftp server etc). If the first then yes, set a main internal proxy then set the proxy to use tor. If you mean the second then no.

I mean the first. Thank you.

TOR will not handle UDP requests, if I remember correctly, will it?

it matters to try to work out what you actually mean... are they private address ranges or something? what you are actually asking for is impossible. what you actually mean might be... your internet traffic *MUST* be routed on the internet using the IP address of your internet facing devices. if you don't understand this, then you meed to go and read up on tcp/ip basics. There are options like using socks proxies and things, but really aren't going to be "normal" things by anymeans. if you think you are just looking for a nominal security tick box, then you are mislead... your internet traffic will always come from your own IP address if you are on the internet directly. ISP's like AOL do do IP proxying, but that's horrible, as you then can't serve anything at all and well.. your'e with AOL, that's bad enough.