/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Good day,
Sorry, you didn't include your real name, so I don't know how to
address you...
On Thu, 4 Nov 1999, AINut wrote:
> I have set up a Linux firewall box using SuSE Linux 6.2, kernel 2.2.10,
> connected to the outside world via ADSL with ipchains. I have a machine
> behind it that boots Linux, NT, or 98, as needed.
>
> +----------------+ +--------------+
> World <--> ADSL <--> | Linux firewall | <---> | PC w/Linux, |
> +----------------+ | or NT, or 98 |
> 1.2.3.4, 192.168.0.254 +--------------+
> (DHCP ISP assigned #) 192.168.0.5
> ( & internal assigned #)
>
> My questions are:
>
> 1. what does the "/24" stand for in ip address 1.2.3.4/24? I have been
> doing networks for years but have never seen this nomenclature.
The number of bits in the subnet mask. It's a shorthand for
255.255.255.0, which is 8+8+8+0 bits. A Class "B" net (255.255.0.0) is a
/16 (8+8+0+0). A 4 address subnet (255.255.255.252) is a /30 (8+8+8+6).
> 2. When the internal PC is running Linux using 192.168.0.5, how do I
> access it from work via telnet and ftp? As in, what address do I use?
> "telnet whatipaddress?" and "ftp whatipaddress"?
You'll need to forward packets arriving at 1.2.3.4 to 192.168.0.5.
For example, you could forward port 1.2.3.4, port 606 to 192.168.0.5, port
23. You could then telnet to 1.2.3.4 port 606 and it'll be just as if you
telnet'ed directly to 192.168.0.5 .
See the IP Masquerade resource at http://ipmasq.cjb.net and the
links off of it for information on port forwarding.
ftp is tougher since it uses multiple ports; you'll probably want
to place anything that needs to be ftp'd on the masq box.
> 3. Since my ISP is supposed to change the firewalls address every couple
> of days, how do I keep up with that if they change it while I'm at work?
The dhcp clients I've worked with in Linux have all supported
running a script after the new address is assigned. In that script, do
something like:
ifconfig | mail -s "Here is that new IP address..." [EMAIL PROTECTED]
Or ftp the address to some web or ftp server where you can quickly
find it. Or look into one of the dynamic dns services that allows you to
register a new IP address for mybox.somedynamicdns.com each time you
connect.
> I have looked through FAQ's, etc., but can't find the answers to these
> problems. Also, I did read that 2.2.10 is a bad kernel for ipchains,
> but SuSE doesn't have anything newer on their web site. Further, I am
Upgrading to 2.2.13 is a good idea; the earlier kernels had
problems with packet loss, among other things.
> concerned that to update just the kernel, that drivers and the C
> compiler may break if they aren't updated, too.
When you get the new kernel, take a look at the CHANGES file;
it'll tell you what versions of programs are needed both to compile this
new kernel and to run the system with the new kernel. If it tells you
that you need version 12.13.14 of gooberutils, and "rpm -q gooberutils"
says you have version 12.0.0, you'll need to get an upgrade; check at
suse's ftp site first to see if they have the new version packaged up
nicely.
See http://www.pobox.com/~wstearns/buildkernel/ or the
Kernel-HOWTO at http://metalab.unc.edu/linux/HOWTO/ if you need help
with building a kernel.
Cheers,
- Bill
---------------------------------------------------------------------------
People standing in the middle of the road look like
roadkill to me.
-- Linus Torvalds, keynote speech at LWCE.
--------------------------------------------------------------------------
William Stearns ([EMAIL PROTECTED]). Mason, Buildkernel, named2hosts,
and ipfwadm2ipchains are at: http://www.pobox.com/~wstearns/
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
