Re: Proxy config...
From: Pete Nesbitt (pete_at_linux1.ca)
To: email@example.com Date: Thu, 27 Nov 2003 20:29:52 -0800
On November 27, 2003 01:28 am, Paula Fernandes wrote:
> I have a small network with ADSL Internet service provided with a
> router. I have this machine (RedHat 9.0) and another machine (windows98)
> in the network. I just want to provide Internet access to the windows98
> machine via some proxy intaled in my RedHat PC.
> This is all I want!!
> Thanks for help
A few questions, presuming you want to 'protect' the win98 box with a
firewall, because as Roger points out most broadband connectins allow 2 IP's
(at least around here). So you either need to protect the 98 box or you only
get 1 IP and need to mask the 98 box. As far as the firewall protecting a 98
box, unless you have file sharing, or some web server, there should be
nothing 'listening' on the 98 box so nothing to attack (although I am really
not up on windows issues).
Either way, for the best performance you want to have 2 network cards in the
Linux box. It can be done with one using a virtual interface and a hub but it
doubles the load and buffer requirements on the nic which will likely impact
performance, and provides questionable security.
If you are going to connect the two systems (98 & linux) directly you need a
"crossover cable", if you use a hub/switch between them use regular cat5
You will need to set your 98 box and the inside nic on Linux with non-routable
IP's. Most typical are 192.168.1.0/24 network.
Default Gateway: 192.168.1.1
linux eth1: (internal network)
Default Gateway: eth0
all setings from dhcp
You will also want to copy the info from the Linux /etc/resolv.conf to the
windows machine (don't know where) for dns lookup info.
Does anyone know a better way to populate nat'd clients with nameserver info?
You should now be able to ping between the two 192. IP's but not thru the
firewall from the LAN. The Linux box should have Internet access.
Now the network is ready, time for a firewall...
Set the firewall to run NAT (to hide the inside IP's) then decide what
services you want to allow inbound, which will likely be nothing "new" (just
established or related). You will probably want to allow all outbound
Sasa suggested a gui based firewall admin tool at
http://firestarter.sourceforge.net it is probably all you need to set up and
maintain a basic firewall (once the networking is in place).
Please reply with what aspects you need help with.
-- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:firstname.lastname@example.org?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list