Can't figure out how to share internet connection in Red Hat 7.3
I just started using Linux about a week ago. I want to share my dial up internet connection, but haven't been able to figure out how to do it. I'm using Red Hat 7.3. Any help would be appreciated.
|
Hmm...
I'm definately going to need LOTS more info....
What's the gateway? Which firewall? Lokkit? Too many questions to list..... |
The linux machine is the gateway, no firewall (at least that I know of, I never set one up on it). I have no idea what Lokkit is. If you could even give me an idea where to go to start configuring the share I coud probably get it working. I just have no idea where to start.
|
So...
You have a modem and an ethernet cart in the gateway?
If so, try the network configuration tool. You'll have devices listed - a modem and eth0. Give the eth0 the IP 192.168.0.1, broadcast 192.168.0.255, netmask 255.255.255.0. The internal computer should (possibly) be setup with IP 192.168.0.2, etc... That's a place to start.... Also, do this: /sbin/iptables -L and post the output back here... |
Thanks. I'm trying that right now. I'll post again if I need more help.
|
Here's the output I got from /sbin/iptables -L
Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination |
Ouch!!!!!
You're running NAKED!!!!!
Better get some clothes on... Try this: http://iptables.1go.dk Also this: http://www.netfilter.org/documentati...-tutorial.html To do connection sharing you'll need ipmasquerade. Here's a simple script to get you started. This stuff is intimidating at first, but it's really easy. You just need to read and learn. #!/bin/sh echo -e "\n\nLoading simple rc.firewall." IPTABLES=/sbin/iptables EXTIF="ppp0" #or whatever modem is... INTIF="eth0" echo " External Interface: $EXTIF" echo " Internal Interface: $INTIF" echo -en " Loading Modules: " echo " -Verifying all kernel modules are OK" /sbin/depmod -a echo "Enabling Forwarding..." echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_dynaddr echo " clearing any existing rules and setting default policy.." $IPTABLES -P INPUT DROP ##changed from accept $IPTABLES -F INPUT $IPTABLES -P OUTPUT DROP ##changed from accept $IPTABLES -F OUTPUT $IPTABLES -P FORWARD DROP $IPTABLES -F FORWARD $IPTABLES -t nat -F echo " FWD: Allow all connections OUT and only existing and related ones IN" $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $IPTABLES -A FORWARD -j LOG $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE #below here is new. above works. echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts $IPTABLES -A FORWARD -s ! 192.168.0.2 -j DROP $IPTABLES -A INPUT -p ALL -i $INTIF -s 192.168.0.2 -j ACCEPT $IPTABLES -A INPUT -p ALL -i lo -s 127.0.0.1 -j ACCEPT $IPTABLES -A INPUT -p ALL -i $INTIF -d 192.168.0.255 -j ACCEPT $IPTABLES -A INPUT -p ALL -i $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT $IPTABLES -A OUTPUT -p ALL -o $INTIF -j ACCEPT $IPTABLES -A OUTPUT -p ALL -o $EXTIF -j ACCEPT echo " Done loading rules." Copy this and save it somewhere as: rc.firewall then as su do: chmod 755 rc.firewall sh rc.firewall That should give you some protection temporarily.... |
Thanks. I'll let you know how it works.
|
All times are GMT -5. The time now is 09:01 AM. |