Hello all,

I bought SuSE 9.1 professional some time ago and never really had the chance to fully try it out. A few days ago i finally bought some ram for my second pc and now i want to install SuSE there.

Im connecting to the internet with PPPoE and have a Siemens DSL modem. I already have a SuSE installation on my hdd now, and internet works so there are no problems about that.

Im preparing to delete my whole hdd, as well as those on my second pc and start from scratch. I would like to set my second pc up in my other room, and install SuSE there. That second pc will be connected to my DSL modem. How can i set up SuSE as a router, so my first pc goes to the internet over my second pc. I will install both Windows XP (sp2) and SuSE 9.1 professional on my first pc and i would like to be able to go online over my second pc with both os's without to much trouble.

Also is it possible to close all ports on SuSE except 80 and a few others, and if yes then where/how?

If i use the YaST firewall on my second pc, do i need to install a firewall on my first pc to (on windows), and should i enable the SuSE firewall on my first pc also?

Also is internet going to be any slower if i do this? I have a 768kbps DSL connection, and i'm currently downloading at around 80kb/s mostly.

Is there a way to limit SuSE on my second pc to only 10% of the bandwith. So that i can set a download on my second pc, and go play a game on my first without to much lag.


Last but not least is there a way to scan/examine the traffic that is going out of the windows system? I would like to do a few small experiments with some programs and i need to know if i can see all the traffic that goes out of windows in a text form on my second pc somehow, and if yes how/with what program/command.


Alright i think i wrote enough lol, i would appriciate any help.

Thx in advance!

You can setup your firewall Suse box which is the only firewall you will need. It will protect all computers on the internal network. You will not notice any difference in speed as long as both network cards are the same speeds. What you will need is two ethernet cards, one for the external unprotected network and one for the internal trusted network. What you will want to set up is SuSEfirewall2. Goto Yast --> System --> /etc/sysconfig editor --> Network --> Firewall --> SuseFirewall2. This loads a nice interface that simply edits the file /etc/sysconfig/network/config. I can't go into all the details of it, however you will want to set up your 1st ethernet card for the external untrusted network and your 2nd card for the internal trusted network. You can then route connections from one to the other using masquerading. I think you will want to take a look at FW_ROUTE and FW_MASQUERADE. Further you will set up FWD_SERVICES_INT or EXT ..._TCP or _UDP for any ports you want open. This is where you would put your port 80.

Check out ethereal (I think that's what its called) to look at network traffic.

Thx for your reply, im going to install SuSE on my second pc later today and try that out.

Just a few more questions:

FW_ROUTE, FW_MASQUERADE and the others, where do i find those? Also will i be able to share files betwen my suse box and windows?

1. goto Yast2
2. select "Security and Users" from the left menu
3. select "Firewall" on the right

then u will find a 4-steps wizard pop-up. this will guide u thru the whole setup process for what u've been requesting.

hope this help.

rite8rite and dohanc are referring to different ways to monkey with the same setup file (which is really at /etc/sysconfig/SuSEfirewall2 by the way). I'd follow rite8rite's suggestion first at any rate. You can then fine tune it the other way. (I didn't know about the other way, though I'm glad to know now. Thanks dohanc.)

Yes, you can share files between Windows and Linux. There is a very common Linux daemon called samba that can share files with Windows. Windows doesn't even know that it is talking to a linux box. YaST has a setup tool for that (you will probably want both the client and server daemons running, client to read files from the other computer, server to let the other computer read from linux).

I have not had much success in this actually. Samba runs just fine. For some reason, though, the SuSE firewall refuses to open up ports 137-139 (you will need to open these for samba). I can only share through samba if I turn off my SuSEfirewall2. I'm behind another router so it's not a big deal for me. I've also set up my machine as an ftp server and it does much the same thing (without the firewall problem).

A word of caution! I haven't run into anyone with my exact same problem. You probably wont have a problem with it. If for some reason, though, you decide to go with another firewall daemon, you may have some trouble. SuSE does not track ethernet cards by eth number, but instead by mac address. You may boot up twice and have the interface names switch on you. SuSEfirewall2 can handle this. It's designed to. Other firewalls may have trouble though. There are ways to make the interface names static, though I don't know them off hand. ("man hotplug", "less /usr/share/doc/packages/hotplug/README", "less /usr/share/doc/packages/sysconfig/README")

Your connection will technically be a little slower, but it will probably be negligible. It sounds as though you want a good packet sniffer (to read packets). If you don't get an answer on that part of your question, then I'd ask in the security forum.

Good luck.

Ok, thx all. Im going to install Linux on my second pc next week and see if it works. I'll post if i have problems