Re: Linux RedHat 7.1 as Router in a LAN

Sat, 22 Sep 2001 09:23:03 -0700 

On 22-Sep-2001 Mike Chambers wrote:
> ----- Original Message -----
> From: "Jochen Kächelin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, September 22, 2001 10:49 AM
> Subject: Linux RedHat 7.1 as Router in a LAN
> 
> 
>> I wan't to use the Linuxbox as Router for all Win98s
>> in the LAN. I read several docs but have big problems
>> in finding the correct files. Most docs I read are
>> for SuSE.
>>
>> The Linuxbox usese 2 NICS:
>>
>> eth0: 3COM905b (LAN) -> working correct
>> eth1: REALTEK 8029 (DSL) -> working correct
>>
>> IPs: Linux: 192.168.0.1
>>      Win98s: 192.168.0.2/.3/.5
> 
>> But the Win98s could not connect to the Internet. My docs
>> told me that I must modify a /etc/route.conf - but I can't
>> finf it!
> 
> You need to setup a firewall via ipchains or iptables (best) which will
> include setting up masquerading so your network is masq'd behind your IP.
> You also will need to turn on ip_forwarding so your linux box will forward
> the network traffic thru the firewall and to the internet.
> 
> If you decide to use iptables, rmmod ipchains then chkconfig ipchains off so
> ipchains isn't loaded and iptables is available.
> 
> http://netfilter.samba.org is a good place to start to learn iptables.

Put this in /etc/rc.d/rc.local:

insmod /lib/modules/2.4.5-SGI_XFS_1.0.1/kernel/net/ipv4/netfilter/ip_conntrack.o
insmod /lib/modules/2.4.5-SGI_XFS_1.0.1/kernel/net/ipv4/netfilter/\
ip_conntrack_ftp.o
modprobe iptable_nat

(Change the kernel name to something appropriate to your system.)

Then set up your firewall. An easy way to set up filtering and masquerading
is to use a prepackaged script that all you have to do is modify a bit and run.
I use:

  http://www.linuxguruz.org/iptables/scripts/rc.firewall_009.txt

All you have to do is modify a few lines at the beginning (mainly just setting
the network address of your local network), make the script executable and run
it. 
______________________________________________________________________
Stuart Luppescu         -=-=-  University of Chicago
ºÍʸ ¤ÈÃÒÆàÈþ¤ÎÉã(EUC)  -=-=-  [EMAIL PROTECTED]
http://www.consortium-chicago.org/people/sl/sl.html
PGP public key: www.consortium-chicago.org/people/sl/pubkey.asc
       ICQ #21172047  AIM: psycho7070
DISCLAIMER:
Use of this advanced computing technology does not imply an endorsement
of Western industrial civilization.
>> Sent on 22-Sep-2001 at 11:44:45 with xfmail



_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list

Reply via email to