Hey Stephan,
Off the top of my head, you could do it with:
- a proxy server like Squid
- a transparent proxy server
- enable traffic shaping in a 2.1.x kernel
- A proxy server (cachine) could be a serious help in
performance but requires all your clients to
reconfigure to use the proxy. To mandate this,
put into place a IPFWADM/IPCHAINS filters for
port 80, 20, and 21 traffic.
- though I know tranparent proxies exist, I've never
used one.
- Lastly, I beleive the traffic shaping feature in the
2.1.x kernels will let you route traffic based
on the port number. This would be the coolest
way to go if you ask me.
Beyond that.. I don't have any real ideas for you. I have
to admit though.. its a very interesting question. Let us
know what you dig up!
--David
At 02:59 PM 11/14/98 -0500, Stephen Frost wrote:
>
> Okay, not sure if anyone can help me w/ this, but
>I would think it would be possible...
>
> I have a machine w/ two ethernet cards and a
>couple of modems. It has two connections to the internet,
>one over a 28.8k and one over one of the ethernet connections.
>The one on the ethernet will only give me one IP address,
>whereas I get a class C routed to me over the 28.8k line.
>The other ethernet card is for my lan segment that has the
>class C, and I have some people who dial in and get subnets
>out of my class C routed to them.
>
> 206.55.1.9 (28.8k Internet)
> |
> |----| 206.239.239.32/27
> | |
> | |-------|
> ------- gateway
> | | 206.239.239.1
> __| |
> | ----------------- - 206.239.239.0/27
>204.245.103.88 | |
>(Fast - Internet) | | 206.239.239.5
> 206.239.239.3
>
> Okay, hope that helps. Now, my interest is to use
>ip masq'ing for things like web and ftp and other protocols
>that work well w/ ip masq'ing and to have all of those
>connections be masq'ed and routed out the fast internet
>connection and everything else (Except where blocked by
>my firewall options) be routed out the slow internet
>connection, and also have inbound connections from the 28.8k
>be routed to machines on my segment according to my firewall
>rules.
>
> So I guess my question is, any ideas on how I could
>achive this? Can it be done w/ ipchains? I saw something
>about a 'Port forwarder' for 2.0.x kernels, but didn't see one
>for the late 2.1.x (ie: 2.1.127 and later) kernels. I tried
>to email the author but didn't get a response.
>
> If you have any suggestions as to where I could look
>to find this information that of course would also be greatly
>appriciated!
>
> Many thanks!
>
> Stephen
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>For daily digest info, email [EMAIL PROTECTED]
>
.----------------------------------------------------------------------------.
| David A. Ranch - Remote Access/Linux/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
