[linux-help] Re: Gateway
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
there are several steps to follow
1. I set up the Linux server as a caching nameserver. (not required but it
makes it easier for the hosts on the private network)
2. using ipchains
set a default policy for forward to DENY
set a chain for forward to masquerade anything originating on the
private network to anywhere not on the private network.
3. In the /etc/sysctl.conf file
set the ip_forward = 1
set the ip_always_defrag = 1
4. On your host(s) on the private network
set the default gateway to the class C address on your Linux machine
set the default nameserver to the same address
Now when you start up, the Linux server will get a default gateway,
nameservers, and IP from dhcp, and then will handle forwarding and
masquerading.
5. for additional security you need to set tcp wrappers to deny anything
not explicitly allowed.
I do that by adding one line to /etc/hosts.deny " ALL: ALL"
(which denies all services to all hosts)
and by adding one line to /etc/hosts.allow "ALL:
192.168.2."
(this line explicitly allows anything within my private class c
to access the Linux services)
----- Original Message -----
From: "Craig Terhune" <cterhune@xxxxxxxxxxx>
To: <linux-help@xxxxxxxxx>
Sent: Tuesday, February 27, 2001 9:58 PM
Subject: [linux-help] Gateway
>
> I have two nic's, one dhcp, and the other is a class c address in my
> Linux box. The class c is hooked to a os/2 machine configured the same
> way.I have enabled ip forwarding. Now how do I set the dhcp (rr) to be
> the gateway for the os/2 machine. Do I need to install and set up
> something else.
>
>
>
>
> -- This is the linux-help@xxxxxxxxx list. To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
>
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
|
|
