Are you trying to make this as difficult as possible? There are about a billion other options that will work just as good with about half an hour of set up, not hundreds of hours. How many people really compile a custom kernel just for a gateway? Start with floppyfw www.zelow.no
Spencer ----- Original Message ----- From: "Daniel Brown" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 01, 2001 10:29 PM Subject: Re: HW recs for gateway computer > if you dont want to run linux, then you are stuck with win2k server and > demands for a fast pc > > if you want to use linux (i thought you would), then take a deep breath > , set aside a few (hundred) hours, and get ready to have some fun. i > have the exact same situation (cable modem with low-end dedicated > ip-masq router) used a slackware 8.0 install (with upgraded kernel). > just about any configurable installation will do. i like slack because > it gives you extensive control over what is and isnt installed. > > for what you need, you dont need very much installed at all. > basic libraries (glibc, maybe perl, python, i see no reason for java) -- > all depends on how much extra stuff you want to compile and install on > it later. if you have the disk space, just put all the libraries (of > languages that youve actually heard of ;) ) on it. > basic networking apps (telnet, sshd, no httpd (apache), no ftpd > (proftpd, wu-ftpd, etc...), etc... > basic admin tools (shells, /sbin, /bin, etc...), and some other stuff i > surely cant bring to mind... > oh yeah, a kernel > > as far as kernel versions go, you need to make a decision about which > packet filtering tool you want to use. i initially ran ipchains (2.2.x > kernels) cause 2.4.x was quite new, but i recently upgraded to 2.4.9 and > had to switch everything over to iptables. i like iptables better than > ipchains. its organized a little better (they learn a bit more how to > organize these firewalling/filtering tools all the time). i say you > start with iptables. forget ipchains and its predecessor (i forget the > name -- was for 2.0.x kernels). besides, it will make you learn how to > download, compile, and install a kernel (no, you cant cop-out and just > run 2.4.5 from the slack install :P ). you will run 2.4.10 (download it > from ftp://ftp.kernel.org/pub/linux/kernel/v2.4/linux-2.4.10.tar.gz), or > i will make you run 2.4.10. not really. its just good to know how to do > this. > > the iptables howto is available (unofficially still) from > http://netfilter.filewatcher.org/unreliable-guides/NAT-HOWTO.txt and a > packet filtering howto (for more advanced firewalling) is available at > http://netfilter.filewatcher.org/unreliable-guides/packet-filtering-HOWTO.tx t > > > again, you cant use iptables unless you are running a 2.4.x kernel > if you are trying to do this with 2.2.x (and dont want to upgrade for > some reason), you must use ipchains. a HOWTO for ipchains is available > on http://www.linuxdoc.org check the HOWTOs section. > if you are further trying to do this with 2.0.x (why?) then you need to > use some other tool. i think its called ipfwadm or something... ya, that > looks right (ip firewall admin). there is no reason to regress this far > back. some people have things against new kernels and new tools. but > ipchains and 2.2.x kernels are not still new. if you use ipfwadm and > 2.0.x kernels, then you smell bad. > > umm... oh, how to use this stuff. read HOWTOs and Guides on > http://www.linuxdoc.org (great site). there will be one illustrating how > to compile a kernel, how to install a kernel, even how to write kernel > modules and hack around in kernel guts. dont tell me they cant tell you > how to do it. they might tell you how to do it in 30 pages, but its > there somewhere. > > for those who dont want to read, (lazy, kinda like me), here is a brief > rundown of useful commands and stuff: > > man <command> read the manual page for <command> > tar -xvf <file> unarchive a .tar file > gunzip <file> unzip a .gz file > tar -xzvf <file> unarchive and unzip a .tar.gz/.tgz file > cp <file1> <file2> copy file1 to file2 > mv <file1> <file2> move file1 to file2 (or to rename) > rm <file1> remove a file > > cd /usr/src/linux && make mrproper && make menuconfig && make dep && > make clean && make bzImage && make modules && make modules_install && > depmod -a && cp arch/i386/bzImage /vmlinuz && cp System.map > /boot/System.map && lilo && reboot > recompile and install my kernel ;) > find guide/howto for this one! > > i think that should give you a good start. ... you will need to compile > a kernel specially to run any kind of nat (network address xlation), so > dont think you can get out that easy. go ahead and grab 2.4.10. > > if i missed anything or you got a Q, dont hesitate to spam it out to the > siglinux list. thats what its for > > daniel brown > > > > Jai Jai wrote: > > > I look forward to this info also, and hope that any replies will either > > be sent to the list or that I could be cc'd in the reply. > > > > > > No matter what you may believe to be true, Benjamin Bradley said: > > > >> Hi, I'm about to (hopefully) set up a LAN between the (4-5) computers in > >> my house and would like to share a cable modem connection between them. > >> We're thinking of setting up an older computer to be a dedicated gateway > >> system. My question is: how fast does this gateway need to be? It seems > >> like it wouldn't have to be very fast since all it's doing is NAT, but I > >> don't want to get stuck with bad service. > >> > >> Also, is there any sort of step-by-step guide anywhere to set up this > >> kind > >> of thing? I'll be honest: linux scares me. I know it's the best way to > >> set > >> it up, but I realize that I don't know nearly enough to set this up on my > >> own - much less troubleshoot it when things mess up. > > > -------------------------------------------------------------------------- - > Send administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------------- Send administrative requests to [EMAIL PROTECTED]
