LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   separating connections (https://www.linuxquestions.org/questions/linux-networking-3/separating-connections-546014/)

[AdultSwim] 04-14-2007 10:06 AM

separating connections
 
Hi,

I need to share my internet connection with other computers than my own but I want to keep their computer separated. I want to give them full access to the internet but don't want them to be able to access my computer, server, and file share services. And I also wanted to make it impossible to sniff data from my PCs

Should I create a proxy?. If so should I use squid or something else.

Thanx in advance

theNbomr 04-14-2007 11:36 AM

Assuming you are talking about a home internet connection using DSL, and that 'your' system is some kind of Linux, you should install a second ethernet, and make your Linux system a firewall/router. One ethernet connects to the DSL modem, and the other connects to a hub/switch in your LAN. My recommendation for a ready-made package that does a good job of this is http://homelansecurity.sourceforge.net/. There are other similar packages, some having GUI configuration tools. Maybe others will point out some of these. Come back here with specific configuration questions, should you have any.

--- rod.

[AdultSwim] 04-14-2007 11:44 AM

Yes, i am talking about a home network and I use Linux.

Thanx for the help

shahz 04-14-2007 12:10 PM

Well yes you can use proxy squid and still if you play with the iptables you can share the internet to other NIC

acid_kewpie 04-14-2007 12:41 PM

well squid won't give you "full" internet access, only http ftp etc... and if you're conencting all machines to a switch, not a hub then as long as they don't mess about with that switch you can't be sniffed either. finally, use a decent iptables setup on your machine to stop them getting in. that's what it's there for.

theNbomr 04-14-2007 12:48 PM

Just to clarify, HomeLanSecurity is a package that 'plays with the iptables'. Creating an iptables configuration that works and is secure takes a lot of knowledge. That is why I recommend using a mature package that has withstood the scrutiny of experts over time. HLS is not the only such package out there, simply the one I like and have used. I don't use squid, but my understanding of it is that it is mainly a proxy server, and serves little or no routing or firewalling purpose. As such it may be useful in addition to an iptables based router, but not as a replacement alternative. Someone correct me if I'm wrong on this.
--- rod.
EDIT: Of course, while I wrote this, acid_kewpie was swooping in to answer a priori.


All times are GMT -5. The time now is 11:08 PM.