Re: [expert] RE: Another IPChains Question

[Jason Smith]

----- Original Message ----- From: Chris Loper To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, August 29, 2000 3:22 PM Subject: [expert] RE: Another IPChains Question Hello Regarding the issue of keeping your network stations isolated from each other, while that defeats the objective of a LAN. You might start by taking down your network neighborhood That would include file and printer sharing. I know very little of Windoze so I'd take the former with a LARGE grain of salt. The NIC has provided several series of IP addresses to be used internally (I think Dave Ranch has listed these on the Trinity OS site). I use pretty much anything from the 192.168.1.0-255, 192.168.2.0-255 (pretty sure that 192.168 class B block is free).  Assign the local network card on your Linux machine as 192.168.1.1 (gateway for MS-Dos workstations), assign 192.168.1.2-254 to your workstation (I don't recommend DHCP) using the /etc/rc.firewall enter your ipchain commands. These are a couple of lines taken from our file. /sbin/ipchains -A forward -s 192.168.1.40/255.255.255.255 -d 162.78.0.0/255.255.0.0 -j MASQ /sbin/ipchains -A forward -s 192.168.1.210/255.255.255.255 -j MASQ The first line limits the access for workstation 192.168.1.40 access to a single site 162.78.0.0 (in this case a whole class 'B' address block). While the second line lets workstation 192.168.1.210 complete access to the internet.   I hope this helps good luck to ya. ~ --  Regards Chris Loper Select Sales, Inc. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP 6.5.2 mQENAzmhoyMAAAEIAL8YC8fxlKE2trn7vGuuR9EODbPqHzkojvZZpOYmNKGoUL5b wSs8qGqyYkPKIvYyG4b5xChT+lGvIPCOrI6HZBNT0M8ifp088d0v0+Cn3o/tbDFD gaGGeBqtVCMPX0ws1nSny0mie9YQ8PDlK6nKEJsPFrWJVR/6G8QlqhHA2/sxxGl+ zfnCVN8b2gZlCjRxwEZ21rq4ZMNSXVkyLoPOnKWrNxW6NwRUIbbhIOZDh4qD6FmN 5xOt0AAojmNkRqp0dQZUTkeKVcEIjCPF6gqROBNVke5mG3z7dRhVK06vcWR/MSWh 5MKFEAdfQ/6elAB2hAr/eGot3PVkLeHQowcBmZEABRG0JENocmlzIExvcGVyIDxj bG9wZXJAc2VsZWN0c2FsZXMuY29tPokBFQMFEDmhoyMt4dCjBwGZkQEBpegH/2N3 uWhxP/r3xgDUIcrXa3AZMvNpvMfYwwPBMKWD0ihD+Iy10nvx8P5e7kr941kSe6PL 5+KccEXTKjcKEfE9NH5Ubppaiq2XzFmgbDdgy+LNa0mj2uzyOp8sQcA4CTdz1YsS pB2ztb4hQfKHx8PNYyCl64HwSvNyzTrFEIR2uRCDpNoIEiLxMdfL3E/uEgMNIrZh 0I54Isxcq9N9TYb6XwbFIaBgmeVxOp9ak6dfa3uT5ZB5zGVA5YDCA41mIQ4FzVZY tjynQHDc5dMuS5CjGsI8P60d8PH2qJ6BC2s+AIndqt1u3PoqYCOYehwedmL6j51h N4Z03trFPCUdtINIcII= =Urgw -----END PGP PUBLIC KEY BLOCK-----