On Thu, Jun 08, 2006 at 10:19:51PM +0800, Tony Raboza wrote: > Isa pa po tanong - sensiya na - dami ko di alam eh. Gagawa po ako ng > Linux router/gateway para sa office na may around 50 katao na gagamit > ng Internet. Ang isa requirement dapat dito sa office na to di basta > basta makakagamit ng Internet kung sino sino --- for example, kakabit > lang nila laptop nila sa data port sa wall plate then may Internet na. > > Naisip ko - gamit ako ng DHCP tapos fixed yung IP address na binibigay > based on MAC address. Tapos doon sa gateway -- lagay ako ng iptables > rules sa FORWARD na ang i-forward lang yung mga MAC address ng valid > PC. > > Tanong ko po: > - Possible yung FORWARD sa iptables based sa MAC address di ba? > - Ibig sabihin nito since may 50 katao sa office na to eh 50 din yung > FORWARD rules ko -- di kaya babagal Internet nito kasi bawat daan sa > gateway kailangan padaanin sa 50 rules?
IPTables can handle many more rules than that, so don't worry about it. You'll probably want to do the limiting in NAT, which you'll need, instead of in the FORWARD table. Read up on masquerading using IPTables if you need more info. Also, I'm not sure if using MAC addresses there will work. Worst case, you can use IP addresses since you've already bound MAC addresses to specific IP addresses using DHCP. Of course this can be spoofed, but MAC addresses can be spoofed, too. Has anyone on the list tried using a Linksys WRT54G as a router for 50 active Internet users, instead of having a full-blown server to do the job? I don't know how it holds up with that kind of a load, but if it does well Tony Raboza might want to explore using that. Less moving parts and all that bit. Cheers! --> Jijo -- Federico Vicente C. Sevilla III Information Technology Consultant Q Software Research Corporation Website: http://jijo.free.net.ph _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
