HI... this is going to be hard ...

I am very new but eager to learn Linux. I downloaded today Slack 10.1 and installed on my Desktop PC. On this PC I have two identical network adapters. One is connected to my campus LAN from which I receive Internet (so it is my external adapter and it is eth0) and the other is connected through a crossover cable to my laptop.

When I had Windows XP on my Desktop it all was simple and I managed to give to my laptop Internet access using static IP (on the laptop) or either dynamic by DHCP.

What I've tryied for some couple of hours now, was to give Internet access to the laptop using my "new" Slack-box... after reading and reading on this forums and making alot of blind changes (whitout exactly knowing what I'm doing ) I've managed to configure the /etc/rc.d/*rc.modules using the iptables and stuff, to make rc.ip_forwarding executable and initialise it on boot, so if I set my laptop ethernet to a static IP from the same net like the eth1, I had Internet on it.

Now I am very satissfied by this "HUGE" success ) , but like every man I want more . I want to set-up a DHCP on my Slack to give automatic IP to the laptop. I cannot do it. I found some posts about this but nothing works. I setup my /etc/dhcpd.conf to tell what range of ip's to use, I've created my own executable in the /etc/rc.d/ to start the DHCP on boot ... but nothing... laptop never receive IP if it is set on obtain automatically. Does it make any difference that my laptop is connected using a cross-over cable and not by a HUB or Switch ?

What should I do/read more to make it?

if I do this, my next plan is to limit the traffic (let's say to give only 128 kbps to the laptop out of aprox 2Mbps my desktop receive from the campus)... and another plan is to try to create some rules in order to block access to the internet, unless the computer who connects through eth1 has an allowed MAC address. If the MAC will not be on list, I don't want to let it receive internet... is that possible?

thank you in advance and sorry for my english

I don't really understand networking so I can't help you much about this, but using a hub or a crossover cable shouldn't make any difference.

hmm, i'm not positive, but i believe the dhcp server needs its own ethernet card. it certainly needs its own IP address. normally, in a small home network the dhcp server is the router. your ISP also runs a dhcp server, and this is what gives you your connection to the outside world. each dhcp *client* (in linux, dhcpcd) sends a request to the IP address it has listed as the dhcp server (less /etc/rc.d/rc.inet1 and see if you can follow the trail) requesting an IP address.

in other words, i don't think you can obtain an IP address from yourself. you most likely just need to disable dhcp at boot, and make sure dhcpcd starts properly. try running netconfig as root.

dhcpd can be run off the same NIC as the rest of your servers. You probably only need to create/modify the /etc/dhcpd.conf file to suit your own network, and set dhcpd to run at startup.

On my super-server, which includes a DHCP server, the /etc/dhcpd.conf file looks vaguely like this:
You can leave out "mydomain.local" from yours. In my case, it's because there's 7 devices running as servers (hence the reserved IP addresses at the start and end of the subnet I'm using), and it's a lot easier for me to check connectivity by typing "ping smtp" than "ping 192.168.0.3". I'm running a DNS server in addition to DHCP, though. If you're not, then you should set the DNS option to your local school network's DNS server. You can have an address that's outside of your network set through DHCP.

Once you've got the dhcpd.conf file set up, you just need to load dhcpd at startup. I've done it on my system by tacking a line onto the end of rc.inet2:

Just change eth0 to the proper ethernet card you want dhcpd to listen on, and you're off to the races.




As for troubleshooting your own situation, I'd need to see your /etc/dhcpd.conf file to tell you what's wrong with it. I'd also want to make sure that DHCPd is running on your computer. Just because you've created a script in /etc/rc.d does not mean that it's being run at startup. On your desktop, run a "ps -A | grep dhcp", and you should see at least one entry for "dhcpd". If you don't, then it isn't running, and that would be why your laptop has no connectivity.

do you specify the interface for the dhcp server to listen on when you start it?

it's probably running on the wrong one..

also, I know you can make only certain mac addresses get ip addresses from the dhcp server.. this doesn't stop a static IP from working.. but it's a start and I really don't know of any way to absolutely deny access to certain devices.. mostly because I don't know iptables that well.

thank you Kilelrbob .. you've been of real help. I didn't know how to check if my DHCP is started or not and also I didn't know how to tell DHCP on which eth to listen to. My dhcp.conf was pretty much the same as yours so I only had to add in rc.inet2 the command to start the DHCP on eth1.

Now I also know how to assign static Ip through DHCP on the MAC basis, but how can I block others to acces the internet. How to create an allow list, where only the MAC's in the list should be able to access internet, and others not ?

I have to read more on iptables because I know there you should configure your rules but right now I don't know how... so if you have any advices they'll be of a real great help to me.

know that I've done these, it doesn't look so difficult . The big problem for me is the imensity of linux and because I don't know this OS it looks difficult at the begining. The bigegst problem is where to look for what you want to do/configure. I still don't know which is the file that's being executed at boot time.. are there more than rc.inet2 ? hehehe.. and many questions to come

regards and thank you again,
a linux enthusiast.
Alin.

if i understand correct:
eth0=internet
eth1=laptop.

and you want to reach internet from the laptop .?

you'll need an ip-tables rule to bridge from eth0 to eth1

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.123.0/24 -j MASQUERADE

( you can put it in rc.local so it's run at startup )
you'll have to change 192.186.123.0 to your own network adress.

also for dhcp you can use "dnsmasq ".
it's a dhcp server and a caching nameserver, so dns will also speed up.
all you need to do is edit the /etc/dnsmasq.conf file.
just take a look at that one, all is well explaned with examples.

egag

cd into /etc/rc.d/ and take a look around. those are all your startup scripts. rc.S is run when single-user mode starts, rc.M is run when multi-user mode starts. to stop one of these scripts from running, chmod it so it's not executable. i did that for rc.bind and rc.cups, etc. because i knew i wouldn't need them.

Something like this in your dhcpd.conf should work:

host laptop { hardware ethernet 00:00:00:00:00:00; } #change mac addy obviously
... (and so on)

subnet 192.168.0.0 netmask 255.255.255.0 {
option domain-name-servers ns1.example.com, ns2.example.com;
default-lease-time 604800;
max-lease-time 604800;
option routers 192.168.0.1;

pool {
range 192.168.0.10 192.168.0.19;
deny unknown clients;
}

pool {
range 192.168.0.20 192.168.0.30;
allow unknown clients;
}
}

This way, when you implement your bandwidth throttling, you can define which machines will be throttled, and which won't (using ip rules, or whatnot). Basically, guest and priviledged ip pools. If you don't need this, you can omit the 2nd pool {} instance, and it should only allow clients that are defined by the host parameter.

NOTE: This will restrict them from getting an ip. If you want them to be able to access the LAN, but not the internet, you would need to configure that with iptables in rc.firewall (or whatever it's called)

My /etc/rc.d/rc.inet2 has this line:I belive I may have modified it to include both interfaces, but I'm sure it was in there after a fresh install and it may have even been remarked out with a hash (#)

For your setup, the network card that has the crossover to the laptop will be the interface to use on the end, so if it's eth1 then the line is:you should also have a static IP address set on this card in Linux, Slackware has a file /etc/rc.d/rc.inet1.conf with a place for these paramaters so I added the IP address that ends in .1 since this is typically assigned to routers (in your case the Linux box is a router)You have to make sure that the IP address is on the same subnet as the DHCP pool. In English this means the first 3 numbers of the IP address you set in IPADDR= should match the first three numbers of your range in the /etc/dhcpd.conf. Since Slackware is giving out address to others, it has to have it's own address set up manually. In Windows the same thing needs to be done except that the "Internet Connection Sharing Wizard" does all this for you (and won't let you modify it from the defaults if it ever fails to work.)Some DHCP server caveats and helpfuls are that you need to be careful what range of addresses you give out. Notice that in my subnet section the range is x.y.z.51 to x.y.z.254. You should avoid setting up the range to include the x.y.z.1 address, or any other addresses you assign manually. The program usually takes steps to stop this from being used if it is there but other computers can get this address and the network won't work right. I also have this handy host section with the MAC, or Ethernet, address of my NIC (network card) in it which means my favorite workstation always has the same IP address that I don't have to set up again if I dual boot or wipe the OS, this too shouldn't be in the range section so as to avoid conflicts.


Hope that helps clear some things up.

That is listening on both interfaces. If you're on a school network, you don't want a DHCP server running on the public interface at all. That has the capability of blocking out users from the school network, and getting you in a lot of trouble.