Single eth, 3 computers, HTTP proxy authentication.......
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Ubuntu Hardy Desktop, Solaris 10, Workstation 2008 x64
Posts: 75
Rep:
Single eth, 3 computers, HTTP proxy authentication.......
Ok, heres the problem.
I'm at university living in halls, with 2 computers atm and one spare for my idea....
We are given the standard proxy username and login based on our student numbers. Not SOCK or normal HTTP, but wen i first try to access a website i get redirected to another page (SSL certified) where i enter my username and password. I hav to do this every time i start up so i imagine its tied into the DHCP server.
ANYWAY atm the computer connected to the wall socket is WinXP pro with internet connection sharing running over a wireless connection to my laptop thats dual boot xppro and kbuntu. I want to maintain that connection, but its annoying that if i'm working on the desktop or experimenting with something new and i hav to reboot then i lose my internet connection to the laptop.
bearing in mind that some of the things I'm doing on the network arent exactly kosher compared to "standard student traffic", so I'd like a bit of separation and protection from the network.
What im thinking of is using a standard boring switch, setting up an old sony vaio laptop with [insert os here] to act as a gateway (possibly firewall/IDS) using 2 ip addresses on the same ethernet connection (thats my question, will that work?) one on the university ip net and the other on a separate local subnet (192.168.x.x)that will be used to connect to the other computers, including a DHCP and DNS server for the local net that wont interfere with the uni net.
basically my questions are this:
1)Will this work?
2)Any recommendations for distros/software packages?
3)How secure or separate will this setup be from the rest of the net?
If there is any ambiguities that need cleared up, reply and I'll post updates.
You certainly can have multiple IP's on a network interface (called IP alias) however I don't think they can be from seperate networks. You'd probably have to have 2 network cards to do it, 1 for the university and 1 for you internal network.
If your laptop has a builtin NIC, look into getting a cheap PCMCIA NIC as well for the internal connection.
The way you should do this is to have a dual NIC machine plugged into the uni network, with one card getting DHCP from the uni, then that box also acts as a router, and does DHCP for the client machines behind it. That box should also have IPtables installed, which is a software firewall.
No matter how you do this, you can't hide any traffic going to the internet from your uni. If you keep things to the LAN in your room that you can hide through IPtables, but I rather suspect what you are trying to do involves internet access, and since your internet is provided by the school, every single bit of data that leaves your room will be known to them. You'd need another internet feed into your room to hide from them.
Distribution: Ubuntu Hardy Desktop, Solaris 10, Workstation 2008 x64
Posts: 75
Original Poster
Rep:
nearly but not quite
well, i suspected i'd need the 2 NIC, just wanted to see if its possible, i guess not.
Basically what i meant was that having the multiple boxes behind the single box would mean that if there ever WAS anything that they wanted to catch me up on, they cud never prouvve it was me directly, because since i hav the wireless on the desktop, i hav told thepeople on my floor that they can use it, what i meant was that having everything behind the vaio box, nothing cud be traced back past there? true/false
Completely false. You would still be responsible. Your front line device, this server being discussed, would get an IP from your school. Anything questionable would have as its last destination on their network, your machine with their IP address. I'll bet tons of money that they had you sign an agreement stating that you wouldn't use the connection for anything illegal. It won't matter if you're running a wireless access behind the connection, you would be responsible for securing that as well.
If it were a legal question, they could take the machine and check it dhcp logs and anything else to find what MAC was involved with anything illegal, but they could (and most likely would) catch you. it seems very black and white to me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.