Ikonboard » Printable Version of Topic

Forum: Geek Forum
Topic: Linux Router...
started by: Spydir Web

Posted by Spydir Web on Apr. 09 2001,01:33

Ok, this is my third attempt at posting this (damn you mozilla!!)...

I have two computers, one linux box (spydir) and one win98se box (doze). spydir has a 56K modem, and both have identical 10/100 ethernet NIC's.

I'm looking for some document or tutorial that'll give me step-by-step instructions on how to setup the two computers so spydir is basically a VPN router for doze, with SAMBA and all the likings. I've read over a couple things but they're all pretty much excessive with crap on DHCP, ATM's, Token Ring, etc, etc and all I want is for spydir to connect to the 'net, and doze to use it's connection through some IP masq. (static ip from the 192.168.0.0 C class set for doze, I figure...)

Note - spydir is a slackware 7.1/current (some parts are updated, some aren't) with kernel 2.2.18 all setup with drivers for eth0 and IP Masq. and stuff. I've read a couple things and think I have stuff kinna-sorta setup, but I'd like to make sure before I royally fuck something up (again) and all...

------------------
Spydir Web - < http://netsyndrome.net/spydirweb/ >
Net Syndrome - < http://www.netsyndrome.net/ >

Sometimes you're the dog, sometimes you're the hydrant...

Posted by damage on Apr. 09 2001,01:41

Use IPFilter. It's a NAT and filtering program. You can have it up and running in about 15 minutes after compilation.

Here's where to get it and how to set it up. It's what I use and it's easy as hell.
< http://www.free-x.ch/pub/ipf-conf-en.html >

P.S. Once you've got it installed, if you want some help getting it setup lemme know.
------------------
damage@detonate.net

"On a long enough timeline the survival rate for anyone drops to zero."
-Narrator 'Fight Club.'

This message has been edited by damage on April 09, 2001 at 08:41 PM

Posted by just_dave on Apr. 09 2001,01:44

linux has a built in firewall that will work to but I would try the other thing before my post.....

------------------
If you have multiple personalties and think about suicide is it a hostage situation???

Posted by damage on Apr. 09 2001,01:52

IPFilter was originally part of FreeBSD. It just became so popular that they published the source and started testing it on other platforms. That's what I use on my Solaris boxes and it's been working great for 3 years.

------------------
damage@detonate.net

"On a long enough timeline the survival rate for anyone drops to zero."
-Narrator 'Fight Club.'

Posted by KL1NK on Apr. 09 2001,04:53

IP masq (ipchains).
Here's a quite useful HOWTO < http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html >

This message has been edited by KL1NK on April 09, 2001 at 11:55 PM

Posted by Spydir Web on Apr. 09 2001,16:14

Well yeah, that's what I was figuring I would have to do... but that's not what I'm looking for. I just gotta find some place that gives direct instructions on setting up spydir so doze can connect to the 'net using it, with very little or no excess. I am interested in learning a whole lot about networking admin'ing, but for now I just want the computers setup.

------------------
Spydir Web - < http://netsyndrome.net/spydirweb/ >
Net Syndrome - < http://www.netsyndrome.net/ >

Sometimes you're the dog, sometimes you're the hydrant...

Posted by damage on Apr. 09 2001,18:02

That IP-Masq doc is about as HowTo as they come. You're gonna need some NAT or Masq software to get this done. IP-Masq seems to be the best way because it supports DHCP for external addresses and you can use diald or dial-on-demand for it. I can't see a simpler way of doing it.

------------------
damage@detonate.net

"On a long enough timeline the survival rate for anyone drops to zero."
-Narrator 'Fight Club.'

Posted by Spydir Web on Apr. 09 2001,21:40

Ok... I've followed the directions in the IP-Masq HOWTO so far, and I'm to the part where you're supposed to ping the masq-server from the masq-client, but it won't work! My network card's lights aren't on, I think (I'm not to familiar with these cards :confused

. Isn't there supposed to be a light coming from behind where the CAT5 goes in, too?...

yeah, anyways... the HOWTO goes over what I need, somewhat. Any help?

------------------
Spydir Web - < http://netsyndrome.net/spydirweb/ >
Net Syndrome - < http://www.netsyndrome.net/ >

Sometimes you're the dog, sometimes you're the hydrant...

Posted by Observer on Apr. 09 2001,21:54

Are you connecting your two machines' NICs directly with a patch cable? If you are, then you need a Cat-5 crossover cable or a hub/switch to connect them. A regular cable won't work this way. On each NIC there should be one light labeled "Link". If that isn't on, then you don't have the right connection.

------------------
A good programmer is someone who looks both ways on a one-way street

Posted by Spydir Web on Apr. 10 2001,01:47

d'oh! From what people have told me I could just run a CAT 5 between the two computer's NIC with out a hub or anything. The light for Link isn't on, either... who knows, hopefully I'll figure something out soon... it really bothers me that I got some really cool Sims stuff that I can't get on the web

------------------
Spydir Web - < http://netsyndrome.net/spydirweb/ >
Net Syndrome - < http://www.netsyndrome.net/ >

Sometimes you're the dog, sometimes you're the hydrant...

Posted by Observer on Apr. 10 2001,01:53

Well just run out to your local CompUSA or BestBuy and pick up a crossover cable. It's a useful thing to have.

------------------
A good programmer is someone who looks both ways on a one-way street

Posted by aventari on Apr. 10 2001,02:07

instead of buying a patch cable, i would save the 5 bucks or what ever and pick up a cheap 10 megabit hub for like 20 bucks. It's much more useful.

My boss just had to throw like 5 of them in the garbage, you could probably find someone to give you one

As for an easy howto, this is the easiest/best written one i've ever seen (it's for Red Hat 6.2, but it uses IP Chains so it's a good read for ya) < http://www.coastnet.com/~pramsey/linux/homenet.html >

------------------
on the Path of the Way

Posted by Spydir Web on Apr. 10 2001,02:32

I'm not really to good on the idea of having to buy something else, I'm kinna strapped for cash. Any idea on an estimated exact cost (holy shit, I think that's the coolest oxymoron I've thought up in a while) of one of the cross over tables? I might go hub if I got some extra cash around after I get my dreadlocks... and on that, any idea on how much it is for a hair salon to put those tiny little dreads in 4 inch long hair?...

so, umm... yeah. Thankie's a lot. I'll look into that cross-over cable, and maybe call up my buddy joe and see if he can get my a hub or something (the dude's dad works at cisco. He just got a 21'' monitor cuz it was just "laying around at the office"... bastard!). If something doesn't work I guess I'll have to revive this thread. Thanks again!

------------------
Spydir Web - < http://netsyndrome.net/spydirweb/ >
Net Syndrome - < http://www.netsyndrome.net/ >

Sometimes you're the dog, sometimes you're the hydrant...

Posted by just_dave on Apr. 10 2001,03:55

crossovers are pretty cheap maybe like .15 cents more a foot than a patch.. the reason being in a crossover there are cables that are crossed.. ie "crossover cable" as to where a hub/switch does internal crossing...

------------------
If you have multiple personalties and think about suicide is it a hostage situation???

Posted by Spydir on May 05 2001,16:11

I'd hate to bring up a dead thread, but if anyone else ever needs something like this, check out this guide on attrition I just found:

< http://www.attrition.org/security/newbie/misc/ipmasq.html >

------------------
Net Syndrome - < http://www.netsyndrome.net/ >
Spydir Web - < http://www.netsyndrome.net/spydirweb/ >