Re: Proxy config...

From: Pete Nesbitt (pete_at_linux1.ca)
Date: 11/28/03

  • Next message: Ashley M. Kirchner: "Re: DNS not responding"
    To: redhat-list@redhat.com
    Date: Thu, 27 Nov 2003 20:29:52 -0800
    
    

    On November 27, 2003 01:28 am, Paula Fernandes wrote:
    > Hi,
    >
    > I have a small network with ADSL Internet service provided with a
    > router. I have this machine (RedHat 9.0) and another machine (windows98)
    > in the network. I just want to provide Internet access to the windows98
    > machine via some proxy intaled in my RedHat PC.
    >
    > This is all I want!!
    >
    > Thanks for help
    >

    Hi Paula,
    A few questions, presuming you want to 'protect' the win98 box with a
    firewall, because as Roger points out most broadband connectins allow 2 IP's
    (at least around here). So you either need to protect the 98 box or you only
    get 1 IP and need to mask the 98 box. As far as the firewall protecting a 98
    box, unless you have file sharing, or some web server, there should be
    nothing 'listening' on the 98 box so nothing to attack (although I am really
    not up on windows issues).

    Either way, for the best performance you want to have 2 network cards in the
    Linux box. It can be done with one using a virtual interface and a hub but it
    doubles the load and buffer requirements on the nic which will likely impact
    performance, and provides questionable security.

    If you are going to connect the two systems (98 & linux) directly you need a
    "crossover cable", if you use a hub/switch between them use regular cat5
    cables.

    You will need to set your 98 box and the inside nic on Linux with non-routable
    IP's. Most typical are 192.168.1.0/24 network.
    win98
      IP: 192.168.1.5
      Netmask: 255.255.255.0
      Default Gateway: 192.168.1.1

    linux eth1: (internal network)
      IP: 192.168.1.1
      Netmask: 255.255.255.0
      Default Gateway: eth0

    linux eth0:
      all setings from dhcp

    You will also want to copy the info from the Linux /etc/resolv.conf to the
    windows machine (don't know where) for dns lookup info.
    Does anyone know a better way to populate nat'd clients with nameserver info?

    You should now be able to ping between the two 192. IP's but not thru the
    firewall from the LAN. The Linux box should have Internet access.

    Now the network is ready, time for a firewall...

    Set the firewall to run NAT (to hide the inside IP's) then decide what
    services you want to allow inbound, which will likely be nothing "new" (just
    established or related). You will probably want to allow all outbound
    traffic.

    Sasa suggested a gui based firewall admin tool at
    http://firestarter.sourceforge.net it is probably all you need to set up and
    maintain a basic firewall (once the networking is in place).

    Please reply with what aspects you need help with.

    -- 
    Pete Nesbitt, rhce
    -- 
    redhat-list mailing list
    unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    https://www.redhat.com/mailman/listinfo/redhat-list
    

  • Next message: Ashley M. Kirchner: "Re: DNS not responding"