Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
07-25-2001, 05:33 PM
|
#1
|
LQ Newbie
Registered: Jul 2001
Posts: 3
Rep:
|
Setting up a Linux gateway machine
Hello Sir,
I installed Linux Red Hat 7.1 on my physical gateway.
I can surf the Internet from the Linux.
I can not surf the Internet from the client connected to it.
I get replys when I ping LAN computers from the client.
Could u please tell me what to do?
Please be extremely specific; I am new to this operating system.
Thanks,
Inbar
|
|
|
07-25-2001, 06:00 PM
|
#2
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
Here is an excellent IPMasq resource:
http://ipmasq.cjb.net/
Specifically, this document will cover the 2.4 kernel in Redhat v7.1:
http://www.e-infomax.com/ipmasq/howt...tml/index.html
Its very detailed with step by step instructions. There is an offline copy that you can download and print at the above site.
Have fun.
KevinJ
|
|
|
07-25-2001, 09:23 PM
|
#3
|
Member
Registered: Apr 2001
Location: NY
Distribution: used to be Redhat, now Debian Sarge
Posts: 291
Rep:
|
I just found that site today while i was bored out of my mind from surfing the net, and i printed it and my boss caught me . I just thought i would share it with you.
|
|
|
07-28-2001, 04:40 PM
|
#4
|
Member
Registered: Jul 2001
Location: Utah
Distribution: RedHat v7.3, OpenBSD 3.3, FreeBSD 5.0
Posts: 327
Rep:
|
is it neccesary to use IP Masq in that instance, or can you just tell the machines behind the linux box to use the Linux host as the default gateway? Seems it should route the web traffic just fine that way.. and if not so, for what reasons?
|
|
|
07-29-2001, 03:00 PM
|
#5
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
It is necessary to use IPMasq if the clients behing the gateway are using private IP addresses. If there are "real" registered IP addys on clients.. then the gateway machine can simply act as router.
|
|
|
07-30-2001, 03:51 PM
|
#6
|
LQ Newbie
Registered: Jul 2001
Location: lancashire, uk
Distribution: mdk 8, seawolf, openbsd.
Posts: 29
Rep:
|
what you can do is also (if you are on dialup) to have it dial on demand so when you request an external site / ip then it connects for you
i think the app is called diald if im not mistaken and obtainable from freshmeat.
|
|
|
07-30-2001, 03:57 PM
|
#7
|
LQ Newbie
Registered: Jul 2001
Posts: 3
Original Poster
Rep:
|
Hi guys,
Thanks for your kind help.
KevinJ, could u please tell me what to do if the clients' IPS are
not "real."
The tool, which u advised me to use is not helpful, since the client
IPS are not registered IPs.
Thanks,
Inbar
|
|
|
07-30-2001, 04:18 PM
|
#8
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
Actually, the links I posted above on IPMasq are exactly what you need.
I recommend using something with the 2.4 kernel as your OS. I use Redhat v7.0 with a 2.4 upgrade, but I am going to go to v7.1 with the new machine I am building.
Your gateway will need two interfaces: one modem and one nic, or two nics. One interface will connect to your ISP as normal, the other will connect to an internal network using something like the 192.168.x.x subnet.
The Linux machine will route packets between the Internet and your internal network. It will use IPMasq to translate the internal IP traffic into external IP traffic, and vice versa, for the clients inside.
At its simplest level, it will require minimal configuration of the iptables (one or two lines I think) and I believe a kernel recompile from a stock RHv7.1 install.
In addition, you will want to brush up on general security documentation to protect yourself from intrusion and DOS attacks. Just Keep It Simple and don't turn anything on you don't need and you should be fine.
KevinJ
|
|
|
07-31-2001, 08:56 AM
|
#9
|
LQ Newbie
Registered: Jun 2001
Distribution: RH 7.1
Posts: 5
Rep:
|
Kevin,
Why would we require to do a build on the kernel? I can't think of any reason.
Cheers,
Antony
|
|
|
07-31-2001, 12:51 PM
|
#10
|
LQ Newbie
Registered: Jul 2001
Location: Manila, Philippines
Distribution: Redhat
Posts: 1
Rep:
|
I am assuming you are using Windows as client.
Check your client DNS and Gateway settings. Gateway should point to your Linux box. You can use the same DNS you configured in the Linux box.
|
|
|
07-31-2001, 01:59 PM
|
#11
|
Member
Registered: Feb 2001
Location: Colorado Springs, CO
Distribution: Redhat v8.0 (soon to be Fedora? or maybe I will just go back to Slackware)
Posts: 857
Rep:
|
Quote:
Originally posted by pros
Kevin,
Why would we require to do a build on the kernel? I can't think of any reason.
Cheers,
Antony
|
I don't know if the stuff you need for IPTables/IPmasq is included in the install kernel. As I said before, I am using an RHv7.0 install with a 2.4 kernel.. so I had to do one most certainly.
I have a couple of RHv7.1 boxes.. but they aren't acting as gateway. If the forwarding/firewall mechanisms are included in the default kernel.. then a recompile is not required.
OTH ....
1. I recommend everyone learn how to recompile a kernel. Its a great exercise.
2. Recompiling the default kernel to remove all the junk included that you will never use is probably a good idea in the first place.
|
|
|
07-31-2001, 02:28 PM
|
#12
|
LQ Newbie
Registered: Jul 2001
Posts: 3
Original Poster
Rep:
|
Hi Kevinj,
After I checked with the system administrator, it turned out the clients' IPs are real IPs, not private IPs; these are real IPs provided by the ISP.
According to what u said above, the IPMASQ tool would have solved the problem mentioned above if the clients' IP were private.
Just tell me if I still need to use this tool if the clients' IPs are real IPs, provided by the ISP.
If I do not need this tool, maybe I am doin' somthing wrong with the client configuration as is mentioned above?
Thanks,
Inbar
|
|
|
07-31-2001, 03:50 PM
|
#13
|
Senior Member
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243
Rep:
|
Have you enabled IP forwarding on the gateway with
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Otherwise it doesn't matter wether your clients are setup right or not, the linux box ain't gonna forward traffic for you.
cheers
Jamie...
|
|
|
07-31-2001, 04:08 PM
|
#14
|
Member
Registered: Apr 2001
Location: NY
Distribution: used to be Redhat, now Debian Sarge
Posts: 291
Rep:
|
You cannot use IP masq if you have a real ip. So you have to set your box as a router. And I installed RH7.1 like 4 times now and i had to rebuild the kernel in order to do ip masq. www.ipmasq.cjb.net tells you everything step by step on how to get it working...
|
|
|
07-31-2001, 04:17 PM
|
#15
|
Senior Member
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243
Rep:
|
Quote:
Originally posted by dilberim82
You cannot use IP masq if you have a real ip.
|
Well you can, you just don't need to.
cheers
Jamie...
|
|
|
All times are GMT -5. The time now is 02:48 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|