Trying to get away from Micro$oft
Ok I have been doing the M$ thing for too long. I used to do UNIX support, but have forgotten a lot.
I'm trying to configure my Linux box to share its internet connection (eth0) with two separate ethernet cards (eth1, eth2). I do not have a budget (so says the wife) to buy a router, or hub (at current), and had a fully functioning network using Windows XP to connect, and the same hardware configuration (really brainless ease of setting up a network "Bridge"). I'm hoping I can set up the network to use Linux (Mandrake 9.1) instead of the XP box. My question is how?
3 computers
- 1 Mandrake Linux Box
- 1 XP Home
- 1 XP Pro
Mandy box has 3 NICs (used to be XP). Each XP has one. The two XP boxes are connected to the Mandy box via crossover cables. The Mandy box connects to the Internet. I can get one XP box on at a time (internet connection sharing through DrakGw).
Any help would be appreciated.
Tommy cat |
What you're looking for is Network Address Translation (NAT), aka packet forwarding.
There's a utility called Firestarter that will configure it for you if you're in a hurry, or you can write the ruleset yourself using iptables. |
Thanks, that is a nice easy configuration tool, but it still only lets me share my internet connection to 1 NIC
I could share to both in XP, and was wondering how to do it in Linux(Mandrake) |
Hm, it's quite possible, but I'm afraid you'll have to get your hands dirty with iptables. I have to run off to work right now, but I'll see if I can think up a ruleset that might work while I'm flipping burgers.
If you can't wait, google : ). |
http://www.linuxguruz.com/iptables/h...les-HOWTO.html
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/ Reading is fun, because knowledge is power! |
Definitely read those howtos, but I'm pretty sure something like this will give you what you need (one entry for each ethx, will assume eth0 goes to your ISP)
bash# /sbin/iptables -A FORWARD -i eth0 -o ethx -m state --state ESTABLISHED,RELATED -j ACCEPT
bash# /sbin/iptables -A FORWARD -i ethx -o eth0 -j ACCEPT
bash# /sbin/iptables -A FORWARD -j LOG
bash# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
You might want to add in a forwarding rule for your ISP's nameservers, although I'm pretty sure it won't be necessary.
~Andrew |
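Added example, not part of any post in this thread: a dry-run generator that expands the "one entry for each ethx" ruleset above for any number of internal NICs. It assumes eth0 faces the ISP, that each internal NIC sits on its own subnet with the Linux box as gateway, and it adds two things the posted rules lack: enabling kernel IP forwarding and a default-deny FORWARD policy. The function name `gen_nat_rules` is made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread. eth0/eth1/eth2 follow the thread's layout.

# gen_nat_rules WAN LAN [LAN...]
# Prints the commands, one per line; it executes nothing itself.
gen_nat_rules() {
    [ $# -ge 2 ] || { echo "usage: gen_nat_rules WAN LAN [LAN...]" >&2; return 2; }
    wan=$1; shift
    # Validate every name before printing anything, so output piped to a
    # root shell is never partial and never contains shell metacharacters.
    for ifc in "$wan" "$@"; do
        case $ifc in
            ''|*[!A-Za-z0-9_.-]*) echo "bad interface name: $ifc" >&2; return 2 ;;
        esac
    done
    for lan in "$@"; do
        if [ "$lan" = "$wan" ]; then
            echo "LAN interface is the WAN interface: $lan" >&2; return 2
        fi
    done

    # The kernel must route between interfaces at all.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Assumption added here: default-deny, otherwise the ACCEPT rules below
    # restrict nothing. This also stops eth1 <-> eth2 traffic.
    echo "iptables -P FORWARD DROP"
    for lan in "$@"; do
        # Replies to connections the LAN side opened may come back in.
        echo "iptables -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT"
        # Anything the LAN side sends out to the Internet is allowed.
        echo "iptables -A FORWARD -i $lan -o $wan -j ACCEPT"
    done
    # Log whatever matched none of the above just before the policy drops it.
    echo "iptables -A FORWARD -j LOG"
    # One masquerade rule covers every LAN, since it keys on the outbound NIC.
    echo "iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE"
}

# Dry run for the thread's setup: eth0 to the ISP, eth1 and eth2 to the XP boxes.
gen_nat_rules eth0 eth1 eth2
```

Review the printed commands first, then pipe the output to `sh -e` as root to apply them.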
Oh yeah, maybe think about blocking UDP requests.
I'm not sure, but I don't think anything but Barney Rubble comes from UDP |
DNS uses UDP, some games use UDP, some messaging services use UDP, ... Long story short, UDP is used. Blocking UDP is a bad idea, but that first post was gold.
BTW, has advertising to get people's old gear worked for you, andrew? If so, maybe I should try it ;) I'm running a 486 w/ 36MB (Yes, 36) of RAM (slackware 8.1) as my DSL router ;) |
BlindSight: well, win some/lose some.
So far my advertising hasn't turned up much, I think most Linux users are pretty keen on holding onto old parts. However, I recently ganked a Toshiba laptop from a local University with under 8 (that's right, 8!!!) MB of RAM. NetBSD from about two years ago suited it well : ). ~Andrew |
Big Thanks for all the help.
Too bad I have to wait til the weekend to try it out. School and work kinda keep me busy through the week. At any rate I was lucky enough to catch one of my employers getting ready to trash several machines. I liberated a few 333 MHz machines from the trash heap (hey, they're better than the 8088 :D Just kidding). They still had RAM in them (64 megs of PC100 RAM each). Some companies upgrade a lot. Some will even pay you to get rid of their old machines. My wife won't let me have any more (I have 4 shells with older Pentium™s on them). My spare bedroom is beginning to look like a test center. Heck, the Mandy box I'm setting up is one of those liberated machines. I gotta start selling some of this stuff :p |
Well, I found a nifty script while waiting to test this weekend. This one is great to share the internet connection with multiple NICs.
Quote:
|