Just to let you know in advance, <PLUG>I've had great success with this 
setup.  We've installed it at several businesses along with samba and it's
solid.</PLUG>  Anyway, (assuming you're running Linux 2.2.x+) you'll need
to setup the MASQ with ipchains...

You setup a private network up on eth0 (192.168.x.x/255.255.0.0) and
forward/masq between 0.0.0.0 (The internet) and your local private
network.  The ipchains commands for this will look something like:

ipchains -A input -s 0.0.0.0 -d 0.0.0.0 -j ACCEPT
ipchains -A forward -s 192.168.0.0/255.255.0.0 -d 0.0.0.0 -j MASQ
ipchains -A forward -s 0.0.0.0 -d 192.168.0.0/255.255.0.0 -j MASQ
ipchains -A output -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -j ACCEPT

This accepts all packets for input/output and masquerades between
192.168.0.0 and 0.0.0.0 as well as the reverse.  Check the ipchains
documentation if you want to block certain ports.  They have a good
explaination.

As far as ppp goes, set it up as usual except add demand, <local
ip>:<remote ip>, idle <seconds> all on newlines in your options.

As far as dns goes, either run your caching dns all the time or use a
remote dns server.  Win9x machines do hostname lookups for file sharing
via wins/netbios lookups so if someone looks up something outside your
network, the link is going up anyway.

Hope that helps.  Did I get it all?

-Kristian Hoffmann
<[EMAIL PROTECTED]>


On Tue, 19 Oct 1999, Denis Voitenko wrote:

> I am well aware that this topic has been circulating in this list for a long
> time (I read the archive). So I was wondering if someone actually wrote
> something like a MINI-HOWTO about PPP on-demand + MASQ + BIND + Etc? Or at
> least could briefly describe what it takes... I am pretty familiar with
> networking but no matter how hard I try it does not seem to work well
> enough. My major questions are:
> 
> 1. When do I bring up masquerading? After the link is established or
> beforehand? If after, how it the world does PPPD know when there is a demand
> for an outgoing traffic?
> 
> 2. When do I bring up the caching DNS?
> 
> Have a nice day/evening/night... :-)
> 
> Denis Voitenko
> Creative Director
> [EMAIL PROTECTED]
> 
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
> the body of a message to [EMAIL PROTECTED]
> 


-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]

Reply via email to