Re: Iptables question about peer-to-peer rules
From: Pedro Macedo (webmaster_at_margo.bijoux.nom.br)
Date: 04/04/05
- Previous message: James Wilkinson: "Re: Anoying Peter Whalley Spam messages."
- In reply to: Mark Nixon: "Iptables question about peer-to-peer rules"
- Next in thread: Mark Nixon: "Re: Iptables question about peer-to-peer rules"
- Reply: Mark Nixon: "Re: Iptables question about peer-to-peer rules"
To: For users of Fedora Core releases <fedora-list@redhat.com>
Date: Mon, 04 Apr 2005 14:36:58 -0300
On Mon, 2005-04-04 at 19:23 +0200, Mark Nixon wrote:
> Darn, it's hard to formulate an appropriate subject sometimes.
>
> I have a little peer-to-peer network. I have an ADSL modem and a switch,
> to which I have 4 computers connected,
>
> As far as I have been able to suss out, my ADSL modem or my switch is
> assigning the 10.0.* addresses.
>
> I have only one printer, attached to my Linux computer. At the moment,
> this is the most logical for my configuration.
>
> I have one computer running Win Me, another running Win XP, a third
> running Linux Core 3, and occasionally my laptop running Win XP.
>
> If there's any other info required, let me know.
>
> Up to now, I've been able to use my Linux machine as a print server by
> sending the command (as root) iptables -F.
>
> I know this is stupid.
>
> Of course, I want the other computers on my LAN to be able to see, and
> use, my share files *every* time.
>
> Which, of course, means that iptables rules should be read in at boot
> time.
>
> From what I've been able to suss out from man iptables, Googling and
> reading "Red Hat Fedora Linux 3 Bible" I should do the following:
>
> stop iptables "/etc/init.d/iptables stop"
>
> from the command line "iptables -A INPUT -p ALL -i eth0 -s 10.0.0.0/6
> accept"
>
> then I should write "service iptables save"
>
> and then reboot?
>
> This seems a little weird, as 10.0.0.1 is my gateway to the internet.
>
> Shouldn't it be "10.0.0.2/6 accept"?
>
Nope.. It's 10.0.0.0/6 accept .... Look on Google for some information
about CIDR notation and netmasks...
In fact, I'd prefer to do something more controlled.. Something like
10.0.0.0/24 accept.. This means that only machines with IPs in the range
10.0.0.1 - 10.0.0.254 can access your machine...
> My Linux computer is *not* the Internet gateway, as European energy
> costs rule out (for us, anyway) having my Linux computer always running.
> Each computer on my LAN should be able to access the Internet
> independently.
>
Let me see if I understood correctly... Your modem is connected to a
cable/dsl router, right? (like this:
modem --> router = all the machines )
If it is, then you shouldn't need to have your computer always turned on
to access the internet.. You would have to turn it on just to print,
since the printer is connected to your computer...
That iptables rule should do the trick of allowing anyone to print to
your printer, as long as cups (the print server) is properly configured
already..
--
Pedro Macedo
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
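
As an added example (not part of the original message), this Python sketch uses the standard ipaddress module to show which source addresses each prefix length discussed in the thread matches when used as an iptables -s value. The function names and the sample source addresses are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges; a LAN-only rule should fall entirely inside one.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def source_scope(spec):
    """Describe what an iptables '-s' value such as '10.0.0.2/6' matches.

    Only the prefix bits are compared, so bits beyond the prefix length
    are masked off here too (strict=False).
    """
    net = ipaddress.ip_network(spec, strict=False)
    return {
        "network": str(net),
        "first": str(net[0]),
        "last": str(net[-1]),
        "addresses": net.num_addresses,
        "private_only": any(net.subnet_of(p) for p in PRIVATE_NETS),
    }


def matches(spec, source_ip):
    """True if a packet from source_ip would match '-s spec'."""
    net = ipaddress.ip_network(spec, strict=False)
    return ipaddress.ip_address(source_ip) in net


if __name__ == "__main__":
    # Prefixes from the thread; the source addresses below are constructed.
    for spec in ("10.0.0.0/6", "10.0.0.2/6", "10.0.0.0/24"):
        s = source_scope(spec)
        print(f"-s {spec:<12} -> {s['network']:<12} "
              f"{s['first']} - {s['last']} "
              f"({s['addresses']} addresses, "
              f"private only: {s['private_only']})")
        for ip in ("10.0.0.1", "10.0.0.254", "10.0.1.5", "9.1.2.3"):
            verdict = "match" if matches(spec, ip) else "no match"
            print(f"     {ip:<11} {verdict}")
```
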