[linux-help] Re: name service
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Compile/make sure ip-masquerade is compiled into the kernel, then set up
ipchains to deny all incoming connections, and forward all packets from the
local network out through ipmasq, something like:
ipchains -P forward DENY # shuts off the incoming connections
ipchains -A forward 192.168.1.0/24 -j MASQ # all connections out gets sent
through ipmasq.
You would obviously change the ip address/subnet mask to your settings.
These lines are for kernel 2.2, and can be added to the rc.local (that's
what it is in RH, dunno 'bout deb, it makes my brain hurt) or, you oculd put
them in a startup script, but put them in BEFORE you start up the network,
that way you don't have to worry about somebody sending packets through
before your firewall is up.
ja
-----Original Message-----
From: tom@xxxxxxxxxxxx [mailto:tom@xxxxxxxxxxxx]On Behalf Of Tom Hull
Sent: Friday, September 22, 2000 11:16 AM
To: linux-help@xxxxxxxxx
Subject: [linux-help] name service
Quick question, probably old hat for those who have been paying attention:
I have cable modem hooked into a Linux box, other machines on LAN, and
want to access cable modem from those machines. All of these machines
have static addresses (since my LAN is a subset of a larger network that
I do not manage, therefore cannot run DHCP). The cable addresses are DHCP.
The Linux box works fine with the cable. What (at a high level) do I have
to do to the Linux box to get it functioning as a gateway?
I have lots of doc -- just don't know where to start. Thanks.
--
/*
* Tom Hull * thull@xxxxxxxxxxx * http://www.ocston.org/~thull/
*/
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
|
|
