Wayne,
The concept is, regardless of distribution:
1) Connect only your "server" to the internet
2) Set your workstations to use your server as default gateway to the internet.
3) Set security, file permissions, etc appropriate to your level of comfort
and system goals.
For *most* home LAN's you simply use ppp to connect your server to the 'net
and then use
ipchains, ipforwarding and masquerading to allow bi-directional access with
your workstations.
Use a hub and assign each workstation and the server a unique ip address,
such as:
server: 192.168.0.1
wkstn1 192.168.0.10
wkstn2 192.168.0.11
The default gateway on each workstation will be 192.168.0.1.
You'll need to enable ipforwarding at the kernel (make sure you make the
kernel with ipforwarding, firewalls & masquerading enabled) with something
like 'echo 1 > /proc/sys/net/ipv4/ip_forward'
A shell script for ipchains helps. Look at the man pages and the example below:
#!/bin/sh
IPCHAINS=/sbin/ipchains
localnet="192.168.0.0/24"
firewallhost="192.168.0.1.2/32"
local="192.168.0.0/24"
Any="0.0.0.0/0"
wkstn1.n9psr.ampr.org="192.168.0.10/32"
wkstn2.n9psr.ampr.org="192.168.0.11/32"
localhost="127.0.0.1/32"
server.n9psr.ampr.org="192.168.0.1/32"
$IPCHAINS -P input DENY
$IPCHAINS -P forward MASQ
$IPCHAINS -P output ACCEPT
$IPCHAINS -F
$IPCHAINS -X
# input rules
$IPCHAINS -A input -s $local -d $Any -j DENY
# forward rules
$IPCHAINS -A forward -s $local -d $Any -j MASQ
$IPCHAINS -A forward -s $wkstn1.n9psr.ampr.org -d $Any -i any -j MASQ
# output rules
$IPCHAINS -A output -s $local -d $Any -j ACCEPT
$IPCHAINS -A output -s $wkstn2.n9psr.ampr.org -d $Any -i eth0 -j ACCEPT
These are merely examples and no guarantee of security is implied!
Recommend reading the NET*-HOWTO's, IPCHAINS-HOWTO, the NAG and SAG
documents as well.
RH & Mandrake allow you to do most of this configuration using netconf,
netconfig, drakconf, etc. SuSE uses YaST.
Sounds like you don't need an additional PCMCIA NIC, but you will need one
each for your server and
other workstations.
jk
At 08:05 PM 11/29/2000, you wrote:
>>Hi guys, I'm sorry I wasn't more Specific about which University I was
>>talking about.. I am attending Western Illinois University in Macomb
>>Illinois. The University is phasing ethernet connections into all of
>>it's Housing. The NIC the gentleman is offering is a USR/3Com
>>10/100 card. Looks like a pci card, but I can't tell by looking as I'm
>>95% blind- that's why I have a Leader Dog.. LOL LOL I have a 4 port
>>netgear (or maybe it's linksys) hub and a NIC in my curren desktop and a
>>pcmcia NIC for my laptop.
>
> I don't have Debian, have never worked with Debian. I was hoping
> I'd be able to use the Mandrake 7.2 distro in a modified form.
>
>Sincerely and Respectfully Yours
>
>Wayne & Leader Dog Sequoia
>
>N9PSR FISTS #4409
>icq# 315313
>[EMAIL PROTECTED]
-----------------------------
James S. Kaplan KG7FU
Eugene Oregon USA
[EMAIL PROTECTED]
http://www.rio.com/~kg7fu
ICQ # 1227639
Have YOU tried Linux today?
-----------------------------
