LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-05-2004, 12:21 PM   #1
sog777
LQ Newbie
 
Registered: Sep 2004
Posts: 23

Rep: Reputation: 15
Router, Firewall, Bandwidth Administration


Here's the situation:


I am running 3MB/384KB DSL which is bridged to my linksys 54mbps router/gateway. my router is currently set to act as a gateway for 3 computers. 2 computers are hardwired with cat5e and the third is connected wireless.

i am running Mandrake 10, win xp pro
i want to be able (using a forth pentium3 box) to control how much bandwidth each pc uses. i also want it to be a router/gateway/firewall.

I also want to be able to monitor the network through this box so i can learn intrusion detection/prevention, packet analisys, port scanning
my mandrake box is setup as a file server which holds all my media files and serves them to the clients for entertainment.

but i want it to be a linux based unit.
small memory footprint if possible. very lite.

what can i use?

Thanks
 
Old 11-05-2004, 12:33 PM   #2
gabriele_101
Member
 
Registered: Oct 2001
Location: CAMBRIDGE, MA USA
Distribution: RH9 Kernel 2.4.20-18.9
Posts: 69

Rep: Reputation: 15
This is an indirect reply/question.

You said you have a Linksys 54Mbps Wireless router (e.g., of the WRT54G family). If you update the firmware on it to the current version available at http://www.linksys.com/, you can regulate bandwidth usage per connected computer, port or service under the Applications & Gaming->QoS (stands for "Quality of Service") tab.

This is a GREAT feature that I recommend using in stead of an additional routing computer.

You can also use the highly configurable firewall and security feature in the latest firmare to log intrusion attemps and limit port access.

-Gabriele
 
Old 11-05-2004, 12:45 PM   #3
sog777
LQ Newbie
 
Registered: Sep 2004
Posts: 23

Original Poster
Rep: Reputation: 15
thanks i will try this. didnt even think to update firmware.

what can i do for placing one of my boxes to monitor(live) traffic (mainly for school purposes and what i want to specialize in). from what i have read the box has to be placed before the router for snort, ethereal, etc to work. i have found that i can not capture packets from the wireless pc with my current network setup. but i can scan other networks that i use.

again thanks
 
Old 11-05-2004, 01:36 PM   #4
gabriele_101
Member
 
Registered: Oct 2001
Location: CAMBRIDGE, MA USA
Distribution: RH9 Kernel 2.4.20-18.9
Posts: 69

Rep: Reputation: 15
I think the answer is "depends". I'm far from an expert, so if I say something stooopid, please someone chime in.

If we assume that the computers behind the Linksys router have IP addresses like 192.168.1.101 with netmask 255.255.255.0, and that the router is 192.168.1.1 netmask 255.255.255.0 (both are the default) AND you are looking to see intrusion attempts on the 192.168.1.0/255.255.255.0 subnet (behind the router) only, then I think you will see all of the traffic you want to see if you just put snort, etc. on any one of the computers and perhaps turn promiscuous mode on for your Linux NIC.

Note: I'm a little fuzzy on the routing between wireless and LAN, and from port-to-port since it's not a stupid hub but an actual router, so this may be wrong.

If, on the other hand, you want to know what is going on AT the router or BEFORE the router, then you would have to listen to packets BEFORE the router actually did anything with them, since, if the router and its firewall are configured properly (and this is in the realm of theory, not so much reality) all but the "good" packets will be getting to your LAN.

So, that begs the question of now your Wireless router is connected to the Internet. Is it the DSL/Cable router, or do you have a separate DSL/Cable modem?

If you have a separate DSL/Cable modem, then the solution to watching all traffic may be simple:

Add another $2.99 NIC (network card) to your Linux box, and connect it either to an open port on the modem, or connect the modem, wireless router and NIC all to a $9.00 hub.

Then you can snoop traffic from the Internet all you want. Be forewarned, however, you will have to clamp down security on your new NIC since it will not be behind the wireless router's firewall.

If any of this is correct, let me knwo

-Gabriele
 
Old 11-05-2004, 02:57 PM   #5
sog777
LQ Newbie
 
Registered: Sep 2004
Posts: 23

Original Poster
Rep: Reputation: 15
wan>dsl modem>linksys> lan, In that order.

but your last idea is what i was thinking about for a few days now. ibut i wanted a second opinion.

i think that i will put this second nic into mandrake and connect it after my westell modem and before the linksys.



thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Small Linux Router/firewall behind D-Link Hardware router dleidlein Linux - Networking 6 04-30-2007 06:12 AM
web based firewall administration Red Squirrel Linux - Networking 1 07-29-2005 11:05 PM
linux router bandwidth sirrus_linux Linux - Networking 3 04-21-2005 02:43 AM
Firewall with http administration SlAiD Linux - Software 5 04-06-2005 11:02 AM
Hardware router. Where is my bandwidth going? jago25_98 Linux - Networking 1 09-23-2004 06:19 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration